With the demand to meet service level agreements (SLAs), any on-call SRE can tell you that incidents always happen at the wrong time. Things break when you least expect them to (on a date, about to beat a new level in a video game, pizza delivery just arrived, asleep at 3am). During these inopportune moments, you want to make sure it's easy to get the data you need, no matter which device is nearby.
As an on-caller, when an incident occurs you need to respond quickly, before customers are affected. Today's on-call DevOps engineers and SREs are not always bound to their workstations, and with SLAs at stake, engineers need to be able to access their workload telemetry from any device. The first place that on-call staff are notified about an incident is typically on their mobile devices. Whether it's an e-mail, call or slack notification, most engineers find themselves with limited access to resources about the incident alert on their mobile device. In contrast, on-call access to critical workload telemetry can mean the difference between family time or just a simple two-minute acknowledged alert.
At Splunk, we want to ensure engineers can do more than acknowledge alerts on their mobile devices. That is why we are excited to announce the general availability of Splunk Observability Cloud for Mobile. It’s a free iOS and Android native mobile application, which lets users access Splunk Observability Cloud dashboards and alerts anywhere at any time.
You can make incident response decisions fast during wartime, and continuously monitor the state of your systems during peacetime. During peacetime, Observability Cloud for Mobile makes it easy to periodically check on the health of infrastructure, services, and the business throughout the day. The mobile app also helps on-callers in firefighting mode quickly assess the severity of an incident, and answer three important questions:
- What is broken?
- Do I need to stop what I am doing and open my laptop?
- Where should I start looking?
As a refresher, Splunk Observability Cloud enables monitoring, alerting, investigation and analysis across applications, services and infrastructure — with a consistent user experience, irrespective of the data format (logs, metrics or traces).
With Observability Cloud for Mobile, Splunk brings that same experience to your mobile device. Users can access real-time alerts and metrics with the same UI they’re already familiar with, instead of having to learn new concepts, navigate unfamiliar dashboards or a radically different interface, which can slow down troubleshooting.
With Splunk Observability Cloud for mobile, you can:
- View, filter, and search for dashboards and alerts from your Splunk Observability Cloud instance.
- Gain context on active alerts such as triggering conditions and detector details.
- Conduct high-level investigation before transitioning to Splunk Observability Cloud or other relevant tools.
- Know that context and information will carry over as soon as you jump into Splunk Observability Cloud on your laptop or desktop.
How can Splunk Observability Cloud help on-call SREs?
"When you’re in a grumpy mental state in the middle of the night, your alerts should provide enough information to know where to start."
- SRE, Splunk
You’re on-call and you get an alert notification on your mobile device. You know the next step is to categorize and prioritize the incident. With Observability Cloud for Mobile’s built-in alerts view, you can conveniently view all your alerts and filter based on severity: Critical, Major, Minor, Warning and Info. Alerts are conveniently color-coded by severity, so even in the middle of the night, it’s easy to prioritize action. Let's take at an example.
In the example above, you see that there are several critical alerts that require immediate attention. Tap the alert to view critical alert details and get quick context and insight into incidents. You can then mark them as cleared once you’re ready to resolve them. If the alert requires immediate attention, drill down into the alert data and view detailed visualizations about what happened at the time of the incident so you know where to start.
Without having to open your laptop, you know what is broken, where to start looking, and that it’s severe enough to need your attention immediately, giving you a head start.
More often than not, addressing critical alerts is a collaborative effort. With Splunk Observability Cloud for Mobile, easily share metrics and alert details with developers responsible for the service on Slack, or wherever you come together to triage.
Well-designed dashboards can provide useful and actionable insight into your system and services at a glance, for you and your teammates. You can access, interact, share and save any dashboard that you have permission to view in Splunk Observability Cloud on Observability Cloud for Mobile. With Observability Cloud’s real-time streaming metrics populating on your dashboards, you always have the right information you need to begin remediation, or to simply monitor the state of your dashboards. Apply additional filters to any dashboard to drill down into the information most relevant to an alert. Dashboards are also helpful to monitor the health and performance of your service or infrastructure during times of change — like a new code push. With Observability Cloud for Mobile, it’s easy to keep an eye on your dashboards all day without being chained to your desktop.
Now that you know the severity of the incident, have shared the alert details with your teammates, and have dug into the dashboards — jump right into the Observability Cloud on your computer to begin resolving the incident. Since all of the context is carried over, it’s easy to take action right away. You can start where you left off on your mobile device and begin reducing your mean time to resolution and meet SLAs for a better customer experience.
Are you an existing Observability Cloud customer and curious to see how your on-call experience can improve with Observability Cloud for Mobile? Download now from the Apple App Store or Google Play Store to get started for free! Remember Mobile access is included with any Splunk Observability license!
If you aren’t already leveraging Splunk Observability Cloud, which includes Splunk Infrastructure Monitoring, Splunk APM, Splunk RUM, Splunk Log Observer, and works with Splunk Synthetic Monitoring, Splunk On-Call and Splunk Cloud Platform to deliver unprecedented capabilities for monitoring, troubleshooting and resolution of business-critical incidents — start a free trial today!
If you’re an existing Splunk Cloud customer and want to learn more about how observability can help you improve customer experiences, and extend the value of your existing Splunk investment, check out our documentation.