Announcing the Splunk Agentic Ops Hackathon

AI is changing how organizations investigate incidents, detect threats, automate workflows, and build smarter digital experiences. But the AI that moves your business forward is grounded in operational data—the logs, metrics, events, and traces that show what's happening in real time. As this machine-generated data surges, traditional reactive approaches are becoming unsustainable, necessitating a shift toward AgenticOps. In this new era, intelligent, autonomous agents work alongside human experts to proactively predict issues, secure infrastructure, and automate complex workflows before they impact the business, ensuring operational resilience. Come be a part of this movement!

We’re thrilled to announce the Splunk Agentic Ops Hackathon, starting May 18th, in partnership with DevPost. We're inviting developers, security practitioners, IT and network engineers, observability teams, and platform builders to build with Splunk and compete for $20,000 in prizes plus free passes to .conf26.

At Splunk, we believe your data strategy is your AI strategy. The most useful AI systems are built on context, and that context lives in operational data.

Build Across Three Core Tracks

In the Observability track, teams can build AI-powered solutions that help monitor systems more intelligently, investigate incidents faster, identify root causes, and improve application or infrastructure reliability. The most interesting ideas here will go beyond dashboards and alerts, including AI experiences that summarize incidents, connect symptoms to probable causes, or guide engineers through investigation and remediation using real operational context.

In the Security track, participants can create intelligent workflows that help teams detect, investigate, and respond to threats faster. The opportunity is speed and clarity—using AI to cut through noise, prioritize what matters, and support more confident decisions in high-pressure situations. As security teams face increasing scale and complexity, practical AI grounded in high-fidelity data can make a meaningful difference.

In the Platform track, builders can create next-generation developer and platform experiences that make it easier to create, extend, and automate with Splunk. This is a chance to rethink the builder experience itself: how Splunk admins and developers interact with data, how workflows can become more intuitive, and how AI can reduce friction for the teams creating and operating modern systems.

Your Toolkit of Splunk AI Capabilities

To help you build, we’re providing access to our latest AI capabilities. This is your chance to get hands-on with recently released tools that are shaping the future of the Splunk Platform:

• AI for Splunk Apps to build agentic workflows inside Splunk apps using the Python SDK
• Splunk MCP server to connect AI agents securely to Splunk the Splunk Platform and Observability Cloud using the Model Context Protocol
• Splunk AI Assistant to generate and edit SPL queries using natural language
• Splunk AI Toolkit to build custom AI models with your data
• Splunk Hosted Models to use models such as the Foundation AI Security Model and Cisco Deep Time Series Model

Submit a Winning Entry

Most AI products are built for one domain, whether security, DevOps, or networking. Splunk's data sits across all of them. The strongest entries will often connect signals across domains, like a security alert that pulls in network context, or an incident investigation that surfaces related platform events. That kind of unified visibility is hard to build anywhere else.

A note on what we'll prioritize in judging. The best projects will keep human-in-the-loop. The winning projects won't automate just for the sake of it; they would give engineers and analysts better visibility and a clearer next move. That's how AI earns its way into the workflows of developers, security practitioners, IT and network engineers, observability teams, and platform builders.

If you don't have an idea yet, try an incident investigation assistant, a triage workflow that routes the right alerts to the right analyst, a network troubleshooting agent, or a productivity tool for Splunk app developers. Pick a real problem you've watched a team work through and build the agentic operations workflow you'd want to put in their hands.

Get Started!

Submissions open May 18th and run through June 15th. More details about judging criteria, resources, and rules are shared on the website. Register today.