As part of Splunk O11y Day on May 5th, we're excited to show Splunk Log Observer to the world! Part of Splunk Observability Cloud, Splunk Log Observer is designed to enable DevOps, SRE, and platform teams to understand the “why” behind application and cloud infrastructure behavior. Investigations are intuitive, require no additional coding, and empower teams to readily combine real-time log data with metrics and traces to gain immediate insights.
Why Did We Build Splunk Log Observer, You May Ask?
It’s a good question, given Splunk already has the market-leading log analytics platform on the market. Our reasons were two-fold.
First, we see Observability as fundamental to every cloud-native service in production. Observability requires the ability to seamlessly move from monitoring to investigation, and helping teams see their services from infrastructure through transactions, tightly integrating, shaping, and analyzing metrics, logs, trace and transaction data. Since logs is a critical ingredient in that recipe, we wanted to build logs as part of a unified observability experience.
Second, we saw an opportunity to deliver new capabilities to SREs and developers, whose use cases for collecting, exploring, and using log data require new features and a new experience and approach to logging.
What Can Splunk Log Observer Do?
Splunk Log Observer offers a number of cool features and experiences. Here are a few of my favorites:
Intuitive No-Code Log Exploration
Point and click your way through log investigations. In-context log data is easy to search, filter and visualize, and related content offers single-click access to metrics and traces correlated to log data.
Live Tail
With Live Tail, you get a real-time view of logs easily sorted based on attributes you define and highlight content you’re particularly interested in. You can slow down the live tail, or let everything stream through as logs are collected.
Integrates Your DevOps-Driven Logging Sources
Connect to AWS Cloudwatch, OpenTelemetry, GCP Stackdriver and Kubernetes in minutes using a wizard. Splunk Log Observer shapes data from these formats, making them simpler to search, explore and contextualize related metrics and traces in the Splunk Observability Cloud.
Related Content
As part of the Splunk Observability Cloud, logs, metrics and traces work in correlation with each other. Related content pointers are provided during log exploration, so your investigations are intuitive — with no dead-ends.
Infinite Logging
Splunk Log Observer permits you to store all your logs. High-value logs are indexed, shaped with context about the data and are ready for real-time analysis, while lower-value logs are placed in a customer-owned storage location.
How Can I Get Started with Splunk Log Observer?
Splunk Log Observer is part of the Splunk Observability Cloud. You can sign up to start a free trial of the suite of products – from Infrastructure Monitoring and APM to Real User Monitoring and Log Observer.
I can’t say enough about how excited we are to deliver a complete Observability suite and as part of that suite, Splunk Log Observer. Give Splunk Observability Cloud a try today! Or, if you’re not ready to start a trial, check out our sessions from O11y Day or reach out to us and we’ll be happy to show you Splunk Log Observer in action.
Happy Splunking!
Bill