Explore Splunk Cloud Data in Splunk Observability with Log Observer Connect

By Nicolette Graham

In January we announced the general availability of Splunk Log Observer Connect for Splunk Enterprise. We are excited to report that Splunk Log Observer Connect for Splunk Cloud is available! Now, whether you’re an existing Splunk Enterprise or Splunk Cloud customer you can leverage Log Observer Connect to integrate your Splunk log data in Splunk Observability Cloud, enabling a unified view of metrics, events, logs, and traces (MELT) for faster troubleshooting, root-cause analysis and better cross-team collaboration.

What are the Benefits of Log Observer Connect?

Logs, along with metrics and traces, play a critical role in building observable systems. Previously, logs that were sent to Splunk Cloud or Splunk Enterprise could not be referenced within Splunk Observability Cloud. Now, however, users can analyze their company’s log data where it makes sense — Splunk Cloud/Enterprise for security, compliance and investigations, or Splunk Observability Cloud for powerful in-context debugging and root-cause analysis of complex distributed applications.

In general, it can be difficult to derive insights from data spread across numerous, isolated tools. Pretty much anyone who has ever had a job on a computer has felt the pain of siloed tools and process, but for ITOps Admins, SREs, Developers — really anyone dealing with building and maintaining systems — that pain is amplified by the pressure to ensure resiliencyand fix issues as quickly as possible. When on-call and alerted about an incident, it’s not as simple as “clean up on service B,” especially in cloud and microservices environments. Oftentimes, operators need to step through uncorrelated observability data in order to understand where a problem originated and remediate it.

Logs, while very useful in finding the root cause of issues, are not enough for the real-time troubleshooting process required to find the issues preventing you from delivering great user experiences. With Log Observer Connect, DevOps teams can troubleshoot application and infrastructure behavior in the integrated Splunk Observability Cloud using metrics, events and traces, then perform codeless queries on existing Splunk Enterprise and Splunk Cloud Platform logs to detect the root cause of problems in systems, without duplicating effort or moving to a different tool to search Splunk Cloud/Enterprise logs.

Log Observer Connect also allows users to streamline their observability data alongside their security, analytics, compliance, and other log data in Splunk Enterprise and Splunk Cloud. If you happen to be an existing Splunk Enterprise or Splunk Cloud customer who has Splunk Infrastructure Monitoring, Splunk APM, or Splunk Observability Cloud licenses, you can start using Log Observer Connect right away at no extra cost. With this integration it’s easier than ever to consolidate tools by unifying the logs from Splunk Enterprise and Splunk Cloud, with our best-in-class Observability data for centralized log management and improved operations.

Access, Visualize and Analyze All of Your Data In Splunk

With Log Observer Connect, Splunk customers can extend the value of their existing Splunk instances to DevOps teams. It’s designed to enable DevOps, SRE and Platform teams who may not spend a lot of time in Splunk Enterprise or Splunk Cloud Platform to understand the “why” behind application and cloud infrastructure behavior. Investigations are intuitive, require no additional code or complicated query languages and empower teams to readily combine real-time log data with metrics and traces to gain immediate insights.

With Log Observer Connect You Can:

Centralize your data and data management. Different teams in your organization may be leveraging Splunk for different use cases or other tools. Simplify management and gain operational efficiencies with all of your data centralized on Splunk.

Explore Splunk Enterprise data and Splunk Cloud Data, correlated with metrics and traces, through the integrated Log Observer interface to reduce MTTR and get more out of your data.

Get started quickly with minimal configuration changes, leveraging existing Splunk Universal Forwarder and technical add-ons (TAs) in addition to OpenTelemetry.

Improve customer experiences. Access the no-code Log Observer experience and related content links for faster troubleshooting and root-cause analysis.

Extend the value of your existing investment at no additional cost. Use data from across your entire business, including the over 2400+ integrations available in Splunkbase to help bring in log data from any application.

With Splunk’s best-in-class observability capabilities integrated with data from Splunk Enterprise and Splunk Cloud, teams across your organization can harness the power of a unified observability solution that will scale with you to monitor mission critical applications and quickly understand and optimize customer experience.

Try it Today!

Consolidate your tools on Splunk. Get the most out of your existing Splunk data by connecting it to your observability workflow via Log Observer Connect. You can find more detailed instructions in our Log Observer documentation.

Have increasingly complicated multi-cloud applications but lack visibility and insights into them? Splunk’s Observability capabilities can help you improve customer experience, innovate faster, and run services with greater resiliency, scale and efficiency. Start a free trial today.

Follow all the conversations coming out of #splunkconf22!

Follow @splunk

About Splunk

The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.

Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.