Splunk Insights/App for Infrastructure 1.2 is Here!

Hello from the happiest place on Earth—Splunk .conf18! ...which also happens to be held at Walt Disney World Resort in sunny Orlando, Florida!

We have some exciting updates to the Splunk Insights/App for Infrastructure in our 1.2 release. As a refresher, Splunk Insights for Infrastructure is our single instance server monitoring solution for System Administrators and SREs new to Splunk. Splunk Insights for Infrastructure combines metrics for monitoring and logs for troubleshooting (from AWS, Linux, and Window server environments) into a seamless, unified experience.

When you upgrade to Splunk Enterprise, you can use the Splunk App for Infrastructure (SAI)—free with your Enterprise license on Splunkbase—for the same experience—but you gain the capabilities of the powerful Splunk platform, like Search and Reporting (SPL), RBAC, and correlation across other data types and use cases. Think of SII as the onramp to Splunk Enterprise + SAI.

We made a few updates to both the Insight and the App for Infrastructure in 1.2, including:

  1. Monitor Performance with Context using Entity Overviews—Entity overviews provide curated views of host performance for each of your entity types. See all critical entity metrics in a collection of out of the box dashboards before jumping into troubleshooting and performance analysis.

  2. Go from Monitoring to Collaborative Incident Response with an Integration with VictorOpsUsers of the Splunk Insights/App for Infrastructure can push infrastructure alerts to VictorOps using an easy to set up integration between SII/SAI and VictorOps Incident Management service. Investigate root cause using metrics and log data in SII/SAI, then choose which alerts to automatically send to VictorOps for collaborative incident response.

We made some updates specifically to the Splunk App for Infrastructure (which runs on Splunk Enterprise for existing customers as a free app from Splunkbase) to make it ready for our large enterprise customers, including:

  1. Splunk App for Infrastructure Distributed Support—The Splunk App for Infrastructure provides a nearly identical user experience to the Splunk Insights for Infrastructure product, but for customers who already have a Splunk Enterprise license. Now, customers can use the Splunk App for Infrastructure for distributed (multi-instance) deployments (SHC, IDX Clusters).
  2. From Server to Full Stack Monitoring with the SAI Integration with Splunk ITSIYou now have the ability to integrate the Splunk App for Infrastructure with Splunk IT Service Intelligence (ITSI). You can now combine the unified view of metrics and logs with the power of a full-scale platform for monitoring for IT and the business. Make rich server, metric and alerting data from the Splunk App for Infrastructure available in Splunk ITSI to generate services, notable events, and KPIs to get an overall view of server health. Customers can correlate their server data across their entire IT stack, and also drill directly into Splunk App for Infrastructure data directly from Splunk ITSI to get more detail at the server level.

If you’re interested in hearing more about these awesome updates, we have two sessions perfect for you at .conf18!

Hear from Splunk’s own product developers at:

Hear from a customer using Splunk App for Infrastructure and VictorOps together in a cloud-native, distributed environment:

For more information on deciding if the Insight (new users) or App (for existing Splunk Enterprise customers) is right for you, check out Splunk Blogs.

Follow all the conversations coming out of #splunkconf18!

Kara Gillis

Posted by