Splunk Insights or Splunk App for Infrastructure: What’s Right for Me?

Two months ago, we released a new product as part of the “Splunk Insights” brand for SysAdmins, SREs, system engineers and anyone responsible for the availability and performance of hybrid IT infrastructure. Splunk Insights for Infrastructure is a no-risk introduction to IT monitoring using Splunk. As product manager for Splunk Insights for Infrastructure, it’s been my pleasure to work with new and existing Splunk customers in designing an easy to use, fast-start product for infrastructure monitoring.

Splunk Insights for Infrastructure is an analytics solution for IT monitoring designed for System Administrators and Site Reliability engineers that provides immediate insight into the performance and availability of their bi-modal IT infrastructure. Version 1.0 supports Linux hosts as well as AWS EC2, EBS and ELB data sources; as of Version 1.1, we now support Windows monitoring and deployments.

Perhaps the best way to get to know the product is with this video:

Now, back to the question I get all the time—what is the difference between Splunk Insights for Infrastructure and the Splunk App for Infrastructure?

Splunk Insights for Infrastructure

If you’re new to Splunk (whether that means you and your team are new to Splunk or your entire company is new to using Splunk), the Insights product is designed to give you a no-risk, easy to install and set up experience for getting started using Splunk for infrastructure monitoring. Splunk Insights are a line of products that simplify the Splunk platform and provide turn-key solutions for IT and security; there's also Splunk Insights for AWS Cloud Monitoring and Splunk Insights for Ransomware. These products are priced and licensed differently than Splunk Enterprise. The differences between Splunk Insights for Infrastructure and Splunk Enterprise can be found in Splunk Docs.

Splunk Insights for Infrastructure is designed to easily upgrade to the Splunk Enterprise platform once you and your team are ready to unlock the massive app and integrations ecosystem and set of capabilities available to Enterprise customers.

Splunk App for Infrastructure

The Splunk App for Infrastructure is available on Splunkbase—the Splunk App marketplace—and is meant for existing Splunk customers who already have an Enterprise deployment and license. The Splunk App for Infrastructure is nearly identical in terms of features to the Splunk Insights for Infrastructure. The App for Infrastructure includes the ability to link into Search & Reporting, Splunk’s powerful search tool for doing ad-hoc analysis of both logs and metrics. The App for Infrastructure also includes the ability to save investigation views as dashboards and customize visualizations from data collected by the App for Infrastructure. The Splunk App for Infrastructure installs the same as any other Splunk App.

Whether you're new to Splunk or an existing customer, we believe you’ll find this new product built on top of the Splunk Metrics and Log store valuable to your team; it's the first major IT monitoring product that integrates both types of data in a single experience. The next entries in this blog series will go into specific features and capabilities that will help you unlock the full potential of the product.

Nick Tankersley
Posted by

Nick Tankersley

Join the Discussion