Customers Demand Interoperability and Open Standards Are the Key
Leadership Splunk
Customers Want Interoperability, Not Vendor Lock-in
Interoperability isn’t just a vague concept. It’s a goal and a commitment to ensuring that customers can get up and running as easily as possible. It’s also a promise that if they decide to work with a different vendor down the road, they’ll be able to transfer their data. The freedom to move data from one platform to another — data independence — is a key component of interoperability.
So where does interoperability come from? Interoperability depends on openness — in this case, a combination of open standards and open source. At Splunk, we're deeply committed to both.
Splunk is Committed to Open Standards
Security and observability both have groups driving open standards, and Splunk is an active member of each. For security, it’s the Open Cybersecurity Schema Framework (OCSF). OCSF is an open source project focused on creating vendor-agnostic extensible cybersecurity standards. The OCSF project was conceived and initiated by AWS and Splunk, building on the ICD Schema work done at Symantec, a division of Broadcom. Use of the OCSF standards can help users eliminate the need to normalize data from multiple sources and is designed to enable cybersecurity teams to perform data ingestion and analysis more quickly and effectively. OCSF launched with 19 members and now has over 150 active participants in our OCSF discussion channels.
For observability, the open standard is provided by OpenTelemetry, another community-driven project of which Splunk is a dedicated leader and contributor, with multiple employees dedicated full-time to OpenTelemetry efforts. The OpenTelemetry project provides proven technology and is one of the most active Cloud Native Computing Foundation (CNCF) projects, second only to Kubernetes. OpenTelemetry works out of the box and gives software teams freedom to control what data they ingest, what processing is done to it and where it is emitted. It’s easy to set up and provides all the tools, APIs, and SDKs you need. Use of OpenTelemetry gives you consistent resource metadata. It lets you easily customize your data and perform custom processing. OpenTelemetry helps avoid vendor lock-in by giving you the ability to send your telemetry anywhere, so you can use multiple solutions simultaneously and transition easily from one solution to another.
Splunk is Committed to Open Source
Not only do we contribute to open source projects and standards, we use open source in our own products. We based our distribution of the OpenTelemetry Collector on the upstream version, and we've open-sourced our own distribution as well. We use numerous open source libraries to build our offerings in Java, Golang and various other languages. We’re also a large user of open source data stores (including Apache Cassandra, Kafka and Druid) to power our observability solution. Splunk developers participate actively in the open source community by reporting issues, making commits and sharing what we’ve learned.
We firmly believe that openness is in the best interest of everyone in our industry, vendors as well as customers. We hope you'll join us. Both OpenTelemetry and OCSF are set up to foster vibrant communities that provide tremendous value to their members. If you're a vendor — competitor or otherwise — I urge you to join these open standards communities and embrace the value of open source. It’s in the best interest of all of our customers.
----------------------------------------------------
Thanks!
Garth Fort
Related Articles
Security Predictions 2026: What Agentic AI Means for the People Running the SOC
Data Is Going to Drive the Continuous Change of Distributed Work
