Today, every company is a software company and digital business is a core strategy for many organizations. To gain the much-needed agility and efficient scalability, companies in all verticals are modernizing their infrastructure by moving to hybrid, multicloud and cloud-native environments. Realizing that modern applications run on modern infrastructure, IT leaders are prioritizing infrastructure modernization initiatives. According to Gartner, by 2022, creating a flexible, adaptive infrastructure will be among the top infrastructure and operations (I&O) goals for more than 70% of enterprises, which is a major increase from fewer than 20% in 2019.
Our customers partner with Splunk to accelerate their journey to cloud and infrastructure modernization. At .conf20, our largest user conference yet, we delivered a slew of innovative features for our customers. I encourage you to join the party as we unveiled new innovations and your peers shared best practices in infrastructure monitoring. This blog summarizes the key highlights from .conf20.
New Name, One Splunk
We are renaming SignalFx Infrastructure Monitoring to Splunk Infrastructure Monitoring to communicate its tight integrations with Splunk logs products.
Last year, in October 2019, Splunk acquired SignalFx, a leader in real-time monitoring of cloud infrastructure and services. Since then, we have innovated, working alongside our customers to define workflows that capture the best of both solutions - infrastructure monitoring and investigation. The results are seamless workflows and cross integrations between Splunk Infrastructure Monitoring and Splunk Enterprise / Splunk Cloud, significantly reducing mean-time-to-detect and mean-time-to-resolve.
Real-time Streaming Analytics
Splunk Infrastructure Monitoring is the real-time metrics solution that is purpose-built to address the needs of ephemeral cloud, containers, and serverless environments with high-cardinality at a massive scale. Driven by our patented streaming architecture, our approach to ingest, store and retrieve data is fundamentally different from traditional batch and query solutions:
As metric data streams into Splunk Infrastructure Monitoring, metadata is separated from metric value data as they serve separate use cases – human-readable metadata is a central tenant in cloud-native environments to search, filter, sort and group, while metric values are analyzed by the streaming analytics engine and directly streamed to components that need them such as dashboards, alerts, and automation. Our streaming architecture means that our customers get insights and can take action in real-time – dashboards refresh, alerts fire and automation tasks trigger within seconds – whereas other solutions in the industry take painfully longer.
Best-in-class Kubernetes Monitoring
Kubernetes Navigator is an enterprise-grade and turn-key Kubernetes monitoring solution that provides an easy and intuitive way to understand and manage the performance of Kubernetes environments. DevOps teams use the following capabilities to successfully navigate the complexity associated with operating Kubernetes at scale:
- Dynamic Cluster Map: An intuitive way to instantly understand the health of Kubernetes clusters
- Drill-downs: Faster and effective troubleshooting with quick drill-downs
- Logs in context: Deep linking to contextual logs to gain granular insights, eliminate context switching and accelerate root cause analysis
- Kubernetes Analyzer: AI-driven analytics to expedite troubleshooting
New Enterprise Security Capabilities
We believe that observability is an enterprise-wide initiative. Different team members with different roles need to access the Splunk Infrastructure Monitoring platform. As your teams grow in size and as their responsibilities differ, it becomes ever more important to have granular access controls for each team member so she has only the access that is needed to do her job. No one should have access privileges that are beyond their role.
We are excited to introduce the new role-based access control feature in Splunk Infrastructure Monitoring. DevOps teams can now configure granular read and write privileges for Detectors, Dashboard Groups and Dashboards. This implementation does not create a burden on asset creators as the default privileges will be carried over for example from Dashboard Groups to Dashboards. Additionally, it gives an easy way to control who can have read or write privileges for specific monitoring assets.
Access Control for Splunk Infrastructure Monitoring is available in beta.
Team Control Features in Splunk Infrastructure Monitoring
In the context of observability systems, most companies organize users into multiple teams. Each team typically has a general area of responsibility given its focus on infrastructure for specific applications. As a result, each team has a specific focus when it comes to data and content, such as specific metrics related to the service that they monitor or manage, or data from a standard set of metrics, but restricted to a subset of sources.
Most organizations also want to share best practices and content across different teams but they also want to make sure that users do not have access to the content that they are not supposed to have. To have granular control for user access to content, there is a new role in Splunk Infrastructure Monitoring – the Team Manager. This will be the non-admin user who can add or remove team members. Only team members, team managers, and administrators will be able to link content to a team, update team notification policies, and update team descriptions.
Team Controls for Splunk Infrastructure are now generally available.
Splunk Mobile App for Observability
Splunk has integrations with incident response and management solutions including native integration with our own Splunk On-Call. While incident management mobile apps notify, they seldom have enough information that you need to triage or troubleshoot issues. Usually, DevOps and SRE engineers on-call would log in to the Splunk Infrastructure Monitoring web interface to restore service anomalies, however, at times they need this functionality on the go – whether seeing alerts at your bedside when getting woken up or getting an alert in the middle of a coffee run to the neighborhood coffee shop.
To help on-call DevOps and SRE teams easily triage and troubleshoot issues wherever they are, we are excited to announce the Splunk Mobile App for Observability in beta. Splunk Mobile App provides full access to Dashboards, Detectors, and Alerts so that on-call engineers can understand the urgency and plan the next course of action in remediating the performance issue.
Get Started with Real-time Cloud Monitoring
Future-proof your observability investment with an enterprise-grade solution trusted by enterprises for advanced use cases at a massive scale. Get started with a free trial of Splunk Infrastructure Monitoring.
If you missed .conf20, watch all the action on-demand, and be sure to check out the following sessions:
- APP1643B - Crossing the Streams: Integrating Splunk Observability and Splunk, a breakout session by Yelp
- APP1571B - Infrastructure Monitoring at Scale: We Learned the Hard Way So You Don’t Have To, a breakout session by Atlassian
- APP1935B - Stop, Investigate and Listen: Splunk's Got a Brand New Edition for...Monitoring Your Infrastructure!
- APP1271C - Kubernetes monitoring for beginners: How observability helps you on your journey