Observability is vital to every business. You’ve heard this before — if you’re in ITOps, you’re using observability to keep key IT and business services up and running; if you’re an SRE, you’re using it to keep websites and systems optimized for customer experience and business results; or if you’re a developer, you use it to ship code faster and spend more time on what matters.
Splunk Observability Cloud, Splunk IT Service Intelligence (ITSI), and Splunk IT Essentials Work provide you with the tools you need to meet these goals, and we’re excited to announce several new capabilities and updates for these solutions.
Before we dive into those, let’s talk about new challenges brought on by the complexity of cloud-native technologies and microservices architectures. If you haven’t fully embraced Splunk’s observability solutions, you may still be struggling with some of these challenges.
- Limited visibility into infrastructure, application performance, and customer experience
- Increasingly long duration of customer impacting issues
- Poor business adaptability and agility
- Too many tools and fragmented workflows resulting in siloed sources of data
- Tools that can’t keep up with the speed and scale of modern application environments
These challenges are well-known by experts in the industry, who recognize the limitations of traditional monitoring tools and the need for observability in today’s digital-first world.
"The rate and volume of change brought on by today's hybrid and multicloud strategies are continually becoming more complex and harder to manage with traditional monitoring tools," says Stephen Elliot, Group Vice President, I&O, Cloud Ops, and DevOps, IDC. "In order to keep up in this new era of cloud-first technologies, organizations understand that a comprehensive solution to monitor and troubleshoot performance issues across every stage of cloud adoption — and across any environment with confidence — is a foundational ingredient for business success. Comprehensive observability solutions provide the ability to move faster, drive intelligence across IT and DevOps teams and deliver more reliable services to increase revenue and improve customer relationships."
In order to help you address this complexity and provide you with a comprehensive solution to monitor and troubleshoot any issue in your environment, we continue to invest in our enterprise-grade observability capabilities at Splunk. In May, we announced the general availability of Splunk Observability Cloud, a unified solution purpose-built to help everyone involved in software development conquer the complexity caused by modern applications and infrastructure.
Let’s dive into the new innovations we’re adding to Splunk’s Observability portfolio, to help you solve your modern monitoring challenges.
Observe Any Environment with Deeper Integrations and Expanded Use Cases
First, we are previewing the Splunk Observability integration with Splunk Enterprise via Splunk Log Observer. This integration enables Splunk customers to use the Log Observer interface directly within Observability Cloud and access data they are already sending to their existing Splunk instances. Existing Splunk Enterprise customers who have Splunk Infrastructure Monitoring, Splunk APM, or Splunk Observability Cloud licences can leverage Splunk’s intuitive Log Observer Interface at no extra cost, to explore and troubleshoot any logs in the Splunk platform without requiring Search Processing Language (SPL). This helps customers centralize their log data in Splunk Enterprise, as well as correlate metric and trace data in observability with those logs for faster root cause analysis.
We are also previewing AlwaysOn Profiling in Splunk APM, providing application developers and service owners visibility of code-level performance, linked to trace data, to troubleshoot production issues faster. With AlwaysOn profiling, teams using Splunk APM can now analyze and improve both intra-service performance of code-heavy three tiered monolithic architecture, and inter-service performance of microservice-based architectures, to troubleshoot bottlenecks and optimize service performance at any stage of cloud migration.
To further assist in troubleshooting and optimization, Splunk APM’s Database Query Performance, now in preview, helps find issues faster in distributed systems by showing queries and latency specific to a service and database interaction. Splunk APM users will be able to automatically view slow and high execution queries in context with service maps, aggregate performance against historical time windows, and can correlate query performance against index tags, infrastructure elements, availability zones, and more — all without having to instrument the database.
With the general availability of Splunk RUM for Mobile Apps, we’re adding end-to-end visibility of native mobile apps to help monitor and deliver great customer experiences on iOS and Android. Splunk RUM now supports both web browsers and mobile apps, with end-to-end tracing to backend services, to help our customers get the complete picture of their end user experience. With significant momentum planned for Splunk Synthetic Monitoring, we continue to deepen Splunk’s digital experience monitoring capabilities with extended full-fidelity visibility to help you deliver great customer experience.
In addition to these new innovations, we’re excited to announce that we are going mobile! Splunk Observability Mobile enables on-call SREs and developers to access all critical Observability Cloud dashboards and alerts on the go. It provides intuitive visualizations allowing users to better understand alert details right from their Apple or Android phone for faster triage, or to simply view their real-time dashboards to check up on the health of their environments. Mobile access is included with any Splunk Observability Cloud license.
Free Out-of-the-Box Capabilities for Faster Time to Value
If that wasn’t enough, we’re also previewing a new feature in Splunk Infrastructure Monitoring called AutoDetect, which automatically discovers infrastructure anomalies such as high container restarts, or pods remaining in pending status and intuitively incorporates alert status into dashboards. This simplifies the onboarding process and accelerates time-to-value via out-of-the-box problem detection for critical components.
Additionally, the new Splunk App for Content Packs acts as a one stop shop for prepackaged content to address common monitoring and troubleshooting use cases in our IT Service Intelligence (ITSI) and IT Essentials Work products — including new Content Packs for managing Microsoft 365, Third-party APM tools and Synthetic Monitoring. The Microsoft 365 Content Pack enables full visibility into the performance, availability, security, incidents, and messages across your cloud-based Microsoft 365 services like Exchange, SharePoint, PowerBI and more. By bringing your APM data into Splunk ITSI or IT Essentials Work with the Third-Party APM Content Pack, you can better manage the performance of all your applications alongside the rest of your IT environment. With the Synthetic Monitoring Content Pack, it’s now easier than ever to oversee the performance of your web applications by identifying and viewing Synthetic Checks with the prebuilt dashboards and common KPIs available. We also have a new Synthetics add-on available to integrate your synthetic monitoring data into either Splunk Cloud or Splunk Enterprise. Lastly, we are previewing a new content pack for Observability Cloud, which provides integration with data from Splunk APM, Splunk Infrastructure Monitoring and Splunk Synthetic Monitoring into a single, unified Service Analyzer view within Splunk ITSI for complete, full-stack service visibility and management.
Finally, as we recently announced at KubeCon, we will continue our leadership and contributions to OpenTelemetry with the donation of the eBPF Collector. Based on the technology acquired last year from Flowmill, the collector enables network observability for modern cloud applications. Specifically, the eBPF Collector allows accurate, complete models of cloud network dependencies and service health to be built without any changes to code or container images.
Conquer Complexity for Faster Innovation and Better User Experiences
All of these new innovations help customers detect and resolve problems faster, release new digital products more quickly, consolidate their tools, and ultimately deliver better user experiences. To access the preview features mentioned above, contact your Splunk sales team to express interest today.
The Splunk Observability portfolio is powered by Splunk technology for unmatched speed and scale. Whether you’re an existing Splunk customer, or just beginning to build an observability strategy, Splunk Observability offers a modular approach to address your most immediate observability needs.
Start a free trial today. Documentation about the new general availability features has been added to Splunk Docs.
Follow all the conversations coming out of #splunkconf21!