When I speak with customers, especially chief information security officers (CISOs), one of their most consistent requests is that they want interoperability. They want the software they buy to work with the software they have and plan to buy in the future. Nearly every organization, certainly every enterprise company, has an installed base of hardware and software representing a significant investment in time and money. A 2020 study by Flexera found that the average IT spend across all industries was 8.2 percent of revenue. If we want customers to make a place for Splunk in their stacks, we have to show them it will be easy and in their best interests.
Customers Want Interoperability, Not Vendor Lock-in
Interoperability isn’t just a vague concept. It’s a goal and a commitment to ensuring that customers can get up and running as easily as possible. It’s also a promise that if they decide to work with a different vendor down the road, they’ll be able to transfer their data. The freedom to move data from one platform to another — data independence — is a key component of interoperability.
So where does interoperability come from? Interoperability depends on openness — in this case, a combination of open standards and open source. At Splunk, we're deeply committed to both.
Splunk is Committed to Open Standards
Security and observability both have groups driving open standards, and Splunk is an active member of each. For security, it’s the Open Cybersecurity Schema Framework (OCSF). OCSF is an open source project focused on creating vendor-agnostic extensible cybersecurity standards. The OCSF project was conceived and initiated by AWS and Splunk, building on the ICD Schema work done at Symantec, a division of Broadcom. Use of the OCSF standards can help users eliminate the need to normalize data from multiple sources and is designed to enable cybersecurity teams to perform data ingestion and analysis more quickly and effectively. OCSF launched with 19 members and now has over 150 active participants in our OCSF discussion channels.
For observability, the open standard is provided by OpenTelemetry, another community-driven project of which Splunk is a dedicated leader and contributor, with multiple employees dedicated full-time to OpenTelemetry efforts. The OpenTelemetry project provides proven technology and is one of the most active Cloud Native Computing Foundation (CNCF) projects, second only to Kubernetes. OpenTelemetry works out of the box and gives software teams freedom to control what data they ingest, what processing is done to it and where it is emitted. It’s easy to set up and provides all the tools, APIs, and SDKs you need. Use of OpenTelemetry gives you consistent resource metadata. It lets you easily customize your data and perform custom processing. OpenTelemetry helps avoid vendor lock-in by giving you the ability to send your telemetry anywhere, so you can use multiple solutions simultaneously and transition easily from one solution to another.
Splunk is Committed to Open Source
Not only do we contribute to open source projects and standards, we use open source in our own products. We based our distribution of the OpenTelemetry Collector on the upstream version, and we've open-sourced our own distribution as well. We use numerous open source libraries to build our offerings in Java, Golang and various other languages. We’re also a large user of open source data stores (including Apache Cassandra, Kafka and Druid) to power our observability solution. Splunk developers participate actively in the open source community by reporting issues, making commits and sharing what we’ve learned.
We firmly believe that openness is in the best interest of everyone in our industry, vendors as well as customers. We hope you'll join us. Both OpenTelemetry and OCSF are set up to foster vibrant communities that provide tremendous value to their members. If you're a vendor — competitor or otherwise — I urge you to join these open standards communities and embrace the value of open source. It’s in the best interest of all of our customers.