In depth: Change management for the Splunk CoE
Organizations must consider which changes in Splunk (Splunk changes) warrant change management oversight. Change management governs which users can enact changes and when changes warrant review by the change management board. The change management board allows your organization to monitor change which can lead to significant increases in stability with Splunk.
Change management is the process that governs the change life-cycle from the initial change request to the final deployment of the change. It may include identification, request, assessment, procurement, evaluation, authorization, development, testing, and deployment of changes. Change management is the end-to-end process for change.
Difference between change management and change control
Change management encompasses the entire change life-cycle, whereas change control is a sub-process, and can be a stand-alone process, within change management. Change control’s core focus is ensuring releases or deployments do not conflict with other production components. The level of risk is typically higher and often accepted.
Critical and time sensitive platform changes, such as a security patch, are often subjects that path through change control.
Use change management to govern all changes unless they are out of scope to ensure they follow these guidelines:
- Documented and defined process to authorizing and deploying changes
- Common and visible method for changes
- Record of change to support platform heath and troubleshooting
Design a framework to provide both structure and flexibility. However, note that with flexibility comes the opportunity for an endless cycle of variations. Consider a moderate or limited approach that can quickly evolve through usage and experience such as:
- Change in scope (what is in scope or out of scope?)
- Change management process (what are the steps and activities?)
- Change pathway definitions
- Change management responsibility assignment matrix (RACI)
- Splunk change scenario matrix
- For information about best practices for configuration backups, see In depth: Configuration backups for the Splunk CoE.
- For information about motivating your users to learn and grow, see In depth: User enablement for the Splunk CoE.
- See What is Splunk knowledge? in the Splunk Enterprise Knowledge Manual.
- See Manage knowledge objects through Settings pages in the Splunk Enterprise Knowledge Manual.
User and Team Lifecycle
In depth: Communication plan for the Splunk CoE
This documentation applies to the following versions of Splunk® Center of Excellence: current