Splunk Dives Deeper Into Observability

Splunk, during its online .conf20 conference today, launched the Splunk Observability Suite, which combines tools for infrastructure monitoring, application performance monitoring, digital experience monitoring, log investigation and incident response in a single offering.

Kia Behnia, vice president of ITOps for Splunk, said IT teams can correlate metrics, traces and log data in real-time to go beyond simply monitoring IT platforms to also include the end user experience. As part of the Splunk Observability Suite, Splunk is making available in beta Splunk Log Observer, a cloud-based service for visually inspecting logs and sending messages to DevOps platforms based on events being observed by Splunk platforms, and Splunk Real User Monitoring, which extends the reach of Splunk Application Performance Management(APM) platform to add a module that tracks specific end user application experiences.

That critical because without end user monitoring capabilities an observability platform will lack crucial context, said Behnia, noting observability needs to start with IT infrastructure and then extend out to encompass the actual end user experience.

Splunk this week also announced enhancements to Splunk Cloud and Splunk Enterprise, which are now based on a version 8.1 of the core Splunk platform that is now generally available. The company is also making available in beta a Splunk Machine Learning Environment (SMLE) to makes it easier to build and operationalize machine learning models and algorithms.

The Splunk Data Stream Processor (DSP) platform is also being updated later this year to add support for cloud services such as Google Cloud Platform (GCP) and Azure Event Hub along with support for lookups and machine learning algorithms.

Splunk is also making available a beta release of a Splunk Operator for Kubernetes to simplify deployments along with making Splunk Cloud available on GCP.

The company is also updating Splunk Connected Experiences to include a Splunk Augmented Reality capability that adds a remote collaboration feature that allows users in two different places to interact and visually compare data.

Splunk TV, a mobile application for analyzing IT operations trends, is now also available on Google Android as well as Apple. Users can now also centrally control multiple TVs without having to be connected to the same network.

Other additions to the Splunk IT Operations portfolio include Splunk Service Intelligence for SAP, which applies artificial intelligence (AI) to these environments; an update to Splunk IT Service Intelligence (ITSI) that adds predictive analytics tools; a Splunk Infrastructure Monitoring Add-On to integrate Splunk Infrastructure Monitoring gained via the acquisition of SignalFX; and the beta of Splunk IT Essentials to provide a more curated implementation of Splunk Cloud.

Finally, Splunk has updated Splunk Enterprise Security and launched both Splunk Mission Control and the Splunk Mission Control Plug-In Framework. The framework makes it possible to combine third-party security tools with updates to Splunk security information event management (SIEM) and Splunk Phantom security orchestration automation and response (SOAR) platforms. Initial partners include Accenture Security, C3M, Crowdstrike, Netskope, Recorded Future, RiskIQ and Tenable.

Put it all together, and it’s clear Splunk is now pushing to extend observability in every IT direction possible.