Unify Observability, Surface Business Impact, and Solve Problems Using AI Agents with Latest Splunk Observability Innovations

In September at .conf25, we announced how Splunk is shaping the future of digital resilience in the age of AI. Agentic AI is rewriting what it takes to build a leading observability practice. As vibe coding gains steam, applications will be built with less human involvement. At the same time, the rise of AI agents demands specialized telemetry to ensure models are performing as intended—aligned to their business purpose and cost. To keep pace, ITOps and Engineering teams need unified, in-context, visibility across all of these environments—infrastructure, applications of every kind, networks, AI—to prioritize issues based on business impact.  

New agentic observability innovations from Splunk unify observability across environments, surface actionable business context, and deploy AI agents across the full incident response lifecycle, while monitoring the performance and quality of AI itself.   

Now we’re excited to announce the next set of Observability innovations that we’ll be demonstrating at Kubecon North America and Cisco Live Melbourne, both taking place November 10-13. For a recap of .conf25 Splunk Observability announcements read this blog, check out this on-demand webinar, or catch the session replays here.  

Unified Observability Experience

Splunk makes it easier to monitor and secure critical business processes, not just infrastructure and application health, so you can optimize performance and see how a problem originating anywhere impacts your business, with context to help you prioritize. 

Here are the latest features:

• OpenTelemetry Injector (Alpha)
• AppDynamics Combined Agent for observability (GA)
• Database (DB) Monitoring in Observability Cloud (GA)
• APM support for hybrid apps and business transactions (GA)
• Digital Experience Analytics in Observability Cloud (Alpha)
• Native Kubernetes alerting in AppDynamics (alpha) 
• AppDynamics Kubernetes deep linking via Observability Cloud (Alpha)
• AppDynamics migration tool from on-premises to virtual appliance (GA)
• AppDynamics cross-application business transactions (GA)
• Kubernetes monitoring: new user experience (GA)
• Observability Cloud Real User Monitoring (RUM) integration with ThousandEyes (Alpha)

AI-Powered Observability

Using agentic AI, Splunk helps teams quickly and accurately diagnose business-impacting issues across any environment—spanning networks, infrastructure, applications of any type, including AI stacks, and business processes—so they spend less time in war rooms.  

Here are the latest features:

• AI Agents in Observability Cloud: detection (Alpha Dec), troubleshooting (Alpha), & remediation (Alpha Nov)
• ITSI Episode Summarization (Alpha)
• AppDynamics AI troubleshooting agents (GA)
  • AI Troubleshooting Agent for Health Rule Violations
  • AI Troubleshooting Agent Root Causes and Recommendations

Observability for AI

Splunk helps teams monitor the health, performance, security, and cost of their AI application stack, including Agents, Large Language Models (LLMs), and AI infrastructure.

Here are the latest features:

• AI Infrastructure Monitoring (GA)
• AI Agent Monitoring in Observability Cloud (Alpha): Quality Evaluations (Alpha), Agent Score Card (Alpha), Agent Conversations and AI Trace Views (Alpha)
• AI Agent Monitoring in AppDynamics (GA)
• Splunk & AGNTCY: Unlocking the Future of AI Observability

To learn more, check out the blog below for a comprehensive summary of our newest observability capabilities.

OpenTelemetry Innovations and Donations

Splunk is very excited to be sponsoring Kubecon North America once again, kicking off this week in Atlanta, GA. As many know, Splunk is one of the top contributors to the OpenTelemetry project. Splunk’s mission has been to make OpenTelemetry accessible and easy to adopt for every organization and every environment. Today, we’re excited to announce the latest Splunk contributions to the project.

OpenTelemetry Injector (Alpha) 

The OpenTelemetry Injector enables zero-code instrumentation for applications running on Linux hosts and eliminates the operational burden of instrumentation. While other solutions like the OpenTelemetry Operator cater to containerized and Kubernetes environments, the Injector is specifically designed for traditional virtual machine (VM) environments, enterprise data centers, hybrid technology stacks, and legacy systems.

This expands OpenTelemetry's reach and ease of use for organizations with diverse infrastructure. By making instrumentation easier and less intrusive, the OpenTelemetry Injector encourages wider adoption of OpenTelemetry for organizations with existing applications where code changes might be difficult or impractical. You can find more information about the OpenTelemetry in this blog.

Customers Now Have a Choice for Hybrid Application Monitoring With a Combined Splunk AppDynamics Agent (GA)

AppDynamics customers now have a single agent to collect telemetry data for use in either Splunk AppDynamics or Observability Cloud. This agent enables them to avoid costly and disruptive changes in their deployment and integration pipelines, while evaluating or transitioning monitoring to Observability Cloud.

It contains both AppDynamics Agent code and Splunk OpenTelemetry code and is deployed in the same way as any other AppDynamics Agent. Simply update your existing agents and latent OpenTelemetry functionality will be added as a normal update. You can update via the Smart Agent or whatever means you use today. 

We’re offering three modes:

• AppDynamics Mode, for users that primarily build and operate n-tier applications. You can stay on that solution by default. 
• Splunk Mode, for customers that have hybrid applications with transactions that span traditional applications and microservices. Observability Cloud is being augmented with a variety of capabilities which make it ideal for monitoring such applications. 
• And Dual Mode, for organizations that have largely separate teams running n-tier and microservice applications. We are building integrations between AppDynamics and Observability Cloud to make it easy to use these two products together in troubleshooting workflows. This mode is intended to ease the evaluation of or transition to Observability Cloud but is not recommended for extended use in production.

Read the blog to learn more about AppDynamics Combined Agent.

For more information about Splunk’s agent management strategy and the Splunk Distribution of the OpenTelemetry Collector watch this on-demand webinar: OTel Demystified: From Community Contributions to Splunk's Enhanced Distribution.

Unified Observability That Surfaces Business Impact

Unified observability is the cornerstone of digital and AI resilience. It provides complete visibility into the health and performance of your applications, infrastructure, and networks, allowing you to easily correlate signals across your entire environment and understand their interconnections. While this visibility is essential, its true value comes from interpreting these insights within the context of your users and business goals. With our latest product innovations, we empower you to answer these critical questions and drive meaningful outcomes.

Resolve Database Performance Issues Faster With Database Monitoring in Observability Cloud (GA)

Databases are the backbone of modern applications, so even a slight slowdown in database query performance can directly and severely impact the end-user experience. Built on OpenTelemetry, Splunk Database Monitoring helps you identify and resolve slow, inefficient queries; correlate application issues to specific queries for faster root cause analysis; and accelerate fixes with AI-powered recommendations. 

Splunk Database Monitoring is now generally available. This first release supports Microsoft SQL Server and Oracle Database, with additional engines coming soon. Read our documentation for more details.

Monitor Hybrid Apps and Business Transactions in Observability Cloud APM (GA)

Many teams run both traditional n-tier applications and cloud-native services, and they need application performance monitoring (APM) that bridges both worlds. We’re releasing new capabilities in Splunk Observability Cloud to strengthen APM for cloud-native applications, and extend support for hybrid environments—building on AppDynamics’ proven expertise in monitoring traditional three-tier applications.

Highlights include:

• Business Transactions provide flexible, precise monitoring of business workflows.
• Call Graphs deliver code-level insights and enable faster root cause analysis.
• Service map grouping visually groups related services by indexed span tags and tracks their health, aligning with how teams work.
• Service instance visibility improves correlation between application and infrastructure data.

Together, these capabilities deliver a single APM solution for organizations building and operating hybrid or microservices-centric applications.

Correlate User Behavior With Application Performance Using Digital Experience Analytics in Observability Cloud (Alpha)

Engineering and product teams share responsibility for delivering great user experiences and driving business outcomes. Digital Experience Analytics (DEA) extends existing Real User Monitoring (RUM) capabilities by providing engineering, product, and design teams deep visibility into user behavior, intent, and sentiment. Unlike siloed DEA tools, it correlates behavioral data with application performance data, helping teams understand the user experience impact of application incidents and troubleshoot them faster. By using the same OpenTelemetry instrumentation agent as RUM, it also simplifies setup and reduces overhead. In its initial release, DEA introduces Conversion Funnel analysis with detailed session replay at each drop-off point, making it easier to identify friction and take action. Digital Experience Analytics is currently in Alpha. Request access at the Splunk Voice of the Customer site.

Native Kubernetes Alerting in AppDynamics (Alpha)​

This new feature empowers AppDynamics customers to natively ingest Kubernetes metrics for key entities such as clusters, namespaces, workloads, and pods. Users can now define health rules directly on these entities and receive alerts when violations occur, enabling real-time visibility into the health of their Kubernetes environments. Event exploration and metric visualization further support efficient troubleshooting, while upcoming enhancements will offer updated dashboards and drill-down capabilities for deeper root cause analysis across entity hierarchies.

Previously, monitoring Kubernetes entities in AppDynamics required manual metric tracking and offered limited alerting, making it challenging to quickly detect and resolve issues. With native integration, customers benefit from streamlined health monitoring, proactive alerting, and simplified troubleshooting—all within AppDynamics. This translates to improved operational responsiveness, reduced reliance on external tools, and better management of containerized environments, ultimately supporting faster issue resolution and minimizing downtime.

Appdynamics Kubernetes Deep Linking via Observability Cloud (Alpha)

 The new Kubernetes Deep Linking feature bridges AppDynamics APM and Splunk Observability Cloud, creating a seamless connection between application performance monitoring and Kubernetes infrastructure insights. With this integration, users can now navigate directly from application issues in AppDynamics to the corresponding Kubernetes pods and workloads in Splunk Observability Cloud, enabling unified troubleshooting workflows across both platforms.

Previously, there was no direct way to correlate application views in AppDynamics with Kubernetes resources in Splunk Observability Cloud, which made end-to-end troubleshooting more challenging. Now, with deep linking, teams can quickly identify and drill down into the infrastructure components impacting application performance. This streamlined workflow reduces resolution times, improves operational efficiency, and supports faster root cause analysis. The feature is currently available in preview for SaaS customers via feature flags.

Migration from On-Premises to Virtual Appliance: The Easy Button (GA)

The Splunk AppDynamics Virtual Appliance has come a long way to provide parity with our SaaS offering, including support for AI-powered anomaly detection/root cause analysis, application vulnerability and attack detection, and OpenTelemetry ingestion. Many of our existing on-premises customers are eager to take advantage of the new features as well as the improved scalability and maintenance of the virtual appliance and have been waiting for an easy path forward.

But, let’s be honest—migrations can be nerve-wracking. Nobody likes downtime, and manual data transfers can feel like performing open-heart surgery on your infrastructure.

That’s why the new Migration Tool for Virtual Appliance is such a relief. It automates backup and restore of all your critical configurations, minimizing downtime and manual effort.

In short, it lets existing AppDynamics on-premises customers move to the Virtual Appliance with confidence—and without losing any data. Once you’re there, you can immediately take advantage of newer features like anomaly detection, root cause analysis, vulnerability and attack detection from Secure Application, and OpenTelemetry ingestion.

Appdynamics Cross-Application Business Transactions (GA)

For years, tracing business transactions across multiple applications felt like detective work—lots of spreadsheets, manual stitching, and educated guesses. Not anymore.

The new Cross-Application Business Transaction (BT) Correlation connects transactions across application boundaries, giving you a single, continuous view of how a request moves through your ecosystem.

Instead of forcing all tiers into one giant application (a workaround many teams used), you can now expand flow maps to include interacting tiers from other apps. Breadcrumb navigation lets you move seamlessly between them.

The outcome? Faster troubleshooting, clearer visibility, and fewer silos between teams. It’s the kind of improvement that makes you wonder how you ever managed without it.

Kubernetes Monitoring: New User Experience (GA)​ 

This brand-new UI design provides customers with a more intuitive user experience—improving overall data discoverability, customization, enhanced search/filtering, and in-context navigation. 

This new UI experience provides:

• Flyouts, improved information arch, data tables, faceted filters, drill downs, refreshed charts, etc, for more intuitive experience relevant to Kubernetes users.
• The ability to more quickly find and fix common Kubernetes issues by supporting all status and conditions across nodes, pods and containers
• Context-aware troubleshooting: With additional metadata, along with in-context events and logs, users will be able to perform more effective RCA for common issues. 

Connect User and Network Insights Using Real User Monitoring Integration With ThousandEyes (GA)

Application experience relies on a complex web of networks (CDNs, DNS, the Internet) and external services like third-party APIs and cloud aplatforms, often beyond IT’s control. The Splunk Observability Cloud Real User Monitoring (RUM) Integration with ThousandEyes unifies global real-user experience data from Splunk with network insights from ThousandEyes in a single view. Engineering teams can quickly pinpoint whether issues stem from the application or network, streamline troubleshooting, and resolve incidents faster, ultimately improving performance and user experience. This integration is available at no additional cost for joint Splunk Observability Cloud and ThousandEyes customers and is currently in Alpha. Request access at the Splunk Voice of the Customer site.

AI-Powered Observability

Agentic AI is transforming what it takes to build a top-tier observability practice. As agentic AI and AI-assisted coding become more prevalent, application services are increasingly delivered and managed autonomously, requiring less human intervention.

Observability must adapt to this new reality. Splunk has a history of embedding AI into our solutions, and we’re excited to introduce agentic AI-powered features across the Splunk Observability portfolio. These new capabilities help teams detect, investigate, and resolve issues more rapidly. With AI-driven alert correlation, episode summarization, and intelligent agents for detection, troubleshooting, and remediation, agentic AI empowers teams to identify, address, and resolve critical incidents faster than ever.

Understand Issues and Respond Faster With ITSI Episode Summarization (Alpha)

ITSI already reduces alert noise by correlating and grouping related alerts into episodes. Now, using advanced AI, Splunk ITSI can pull together all the key information about an episode—what happened, when it started, the most important events, and even a first look at what caused the problem—into a single, easy-to-read AI-generated summary. This means teams can go from clicking through tabs to seeing the most relevant details and suggested next steps in just one click. Not only does this save time and reduce confusion, it also helps newer users get more value from the platform right away. Plus, summaries can be shared easily with others or copied and pasted into tools like ServiceNow, so everyone stays in the loop. In short, Episode Summarization helps teams work smarter, respond faster, and keep their critical services running smoothly. ITSI Episode Summarization is in Alpha. Request access at the Splunk Voice of the Customer site.

To learn more about Splunk’s AI Powered Observability check out the e-book, No Prompts Required: How AI in Observability Is Getting Smarter. You can also learn about how AI helps you proactively detect anomalies, identify root causes, and resolve issues faster in this talk given at .conf25: Troubleshooting Made Easy with AI for Observability.

Investigate and Resolve Issues Faster With AI Agents in Observability Cloud (Alpha) & AppDynamics (GA)

Observability Cloud

Pinpointing the cause of an outage or performance problem in cloud-native environments typically involves a lot of manual effort on the part of engineering teams as they cycle through dashboards, search for the right metrics or logs, and hop between multiple screens and tools to cobble together reasonable hypotheses. AI agents in Observability Cloud acts like an assistant SRE, automatically sifting through all the service and infrastructure data, identifying whether your application or infrastructure is at fault, and surfacing the most likely root causes, and identifying an action plan for long-term resolutions of Kubernetes pod related issues—all in plain language, within your existing workflow.

Instead of spending time jumping in and out of screens, tabs, and tools, teams get a ranked list of probable causes, clear impact analysis, and actionable recommendations, right when and where they need it, minimizing hours of manual investigation into insights, in minutes.

When an alert comes in, AI analyzes everything–from recent deployments to Kubernetes events and historical incidents to highlighting patterns from previous fixes. It also provides a concise RCA (root cause analysis) and action plan, so teams can act confidently and quickly, reducing downtime and keeping services running smoothly. AI troubleshooting agent in Observability Cloud is Alpha and the AI Remediation Agent will be Alpha this month.

AppDynamics

When anomalies or health rule violations occur in an n-tier or hybrid environment, the AI troubleshooting agent for AppDynamics goes beyond simply flagging an issue. It explains what’s happening, why it’s happening, and how to fix it. You get clear, concise root cause summaries right where you need them without bouncing between dashboards or guessing which metric matters most.

The result? Teams resolve issues faster and with greater accuracy, even if they aren’t system experts. In Alpha now, AI troubleshooting agent in AppDynamics removes knowledge barriers, guides investigations with just one click, and presents actionable insights in the context of real-time data.

To learn more about Splunk’s AI Powered Observability check out the e-book, No Prompts Required: How AI in Observability Is Getting Smarter. You can also learn about how AI helps you proactively detect anomalies, identify root causes, and resolve issues faster in this talk given at .conf25: Troubleshooting Made Easy with AI for Observability.

Observability for AI

AI is a powerful enabler, driving the development of new observability practices. However, AI also requires careful oversight—whether it’s managing the underlying infrastructure it depends on, monitoring large language models as they generate responses to user and system prompts, or supervising AI agents and AI-powered applications that rely on them.

Ensure System Health, Performance, and Consumption With AI Infrastructure Monitoring (GA)

AI Infrastructure Monitoring provides teams with data-dense dashboards and detectors to surface trends, patterns, and outliers in underlying AI infrastructure performance. These views allow teams to proactively pinpoint noisy neighbors, alert on operational metrics from AI apps and services, troubleshoot issues of resource contention and unmet workload demands, and ultimately mitigate security, performance, costs, and reputational risks. In November, we added support for Google’s Vertex AI, Milvus’ vector database, and LlamaIndex. AI Infrastructure Monitoring is generally available (GA). Learn more about AI Infrastructure Monitoring.

Monitor the Quality, Accuracy, Cost and Security of LLM and Agentic Applications With AI Agent Monitoring in Observability Cloud (Alpha) & AppDynamics (GA)

Typically, as engineering teams leverage LLMs to interpret data, reason, and complete multi-step tasks as part of AI agents or AI-enabled applications, they learn that the LLMs have the potential to produce low-quality, misleading, or incorrect outputs or responses, decreasing customer trust, degrading end-user experiences, and increasing the cost of development. Building on the announcement from .conf25 with AI Infrastructure Monitoring being generally available, we’re now introducing AI Agent Monitoring in Observability Cloud and AppDynamics.

With AI Agent Monitoring in Observability Cloud, ITOps and engineering teams can proactively identify and troubleshoot erroneous, inaccurate, or undesirable responses by LLMs (and the agents they power) to ensure applications are performing reliably, securely, and as intended. Teams can track established metrics for transactions, error rates, and performance and drill into interactions to pinpoint issues that impact application behavior like failed LLM or tool calls. Through an integration with Cisco AI Defense, teams will soon be able to  gain a unified view of critical security risks—including prompt injection, data leakage, and harmful content—across agents and LLMs. This enhanced visibility is delivered alongside detailed insights into consumption, cost, performance, and quality measures for models and agents, empowering AI SRE and MLSecOps teams to manage both risk and operational efficiency from a single pane of glass.  

AppDynamics AI Agent Monitoring provides a unified interface to monitor AI application performance, integrations, and supporting infrastructure in real time. It enables teams to track LLM usage for compliance with internal and regulatory policies, reducing risk. Teams gain visibility into resource consumption and costs, allowing for optimization and efficient allocation. Streamlined health and performance monitoring helps detect and resolve issues before they impact users or business applications. Customizable dashboards and business journey mapping improve insight into AI agent impact. AppDynamics AI Agent Monitoring empowers organizations to confidently manage, scale, and maintain the health of mission-critical AI initiatives. AI Agent Monitoring in Observability Cloud will be Alpha in November. AppDynamics AI Agent Monitoring is generally available. Learn more about AI Agent Monitoring in Observability Cloud and AppDynamics here.

Splunk & AGNTCY: Unlocking the Future of AI Observability

As intelligent systems evolve into a collaborative "Internet of Agents," a universal standard for monitoring them is essential. This July, Cisco's innovation engine, Outshift, donated AGNTCY to the Linux Foundation, paving the way for a future where agents from any vendor can work together seamlessly. Splunk is committed to advancing this vendor-neutral vision through a dual approach. First, we are enhancing OpenTelemetry (OTel) semantic conventions to create a standardized telemetry framework for diverse AI environments. Second, through native integration, AGNTCY-generated quality metrics from the MCE flow into AI Agent Monitoring in Observability Cloud (GA Q1 2026) as standard telemetry.

This powerful integration embeds AGNTCY Metric Compute Engine’s AI quality metrics, such as relevance and hallucination, into the Splunk platform. This allows you to understand both what your AI is doing and how its performance impacts your business. By unifying critical AI quality metrics with your existing infrastructure and business data, you gain deep, contextual correlation. The result is a holistic view that transforms raw AI telemetry into actionable insights, revealing the precise impact of AI behavior on system performance and business outcomes.

Learn more about how AI Agent Monitoring, built on OpenTelemetry and AGNTCY open standards, provides AI monitoring without vendor lock-in here.

Conclusion

As we look ahead, Splunk remains committed to empowering organizations with unified observability, advanced AI capabilities, and seamless security solutions. Our latest innovations are designed to help you gain deeper insights, respond to incidents faster, and drive better business outcomes—no matter how complex your environment becomes. By harnessing the power of Splunk’s evolving platform, your team can stay resilient, agile, and ready to meet the challenges of the AI era. We’re excited to partner with you on this journey toward digital resilience and operational excellence. Stay tuned for more updates as we continue to shape the future of observability together. You can find more information about our latest Platform and Security updates here. We hope to see you in person at the events!

^{*Many of the products and features described herein remain in varying stages of development and will be offered on a when-and-if-available basis. The delivery timeline of these products and features is subject to change at the sole discretion of Cisco, and Cisco will have no liability for delay in the delivery or failure to deliver any of the products or features set forth in this document.}