Unified Observability From Splunk: One Platform, From Code to Business Impact

If it’s been a while since you reassessed your observability strategy, you may have missed something significant.

A decade ago, "observability" was mostly something that cloud-native engineering teams cared about, and "full-stack observability" was more concept than reality. That’s changed. Two shifts have driven it:

1. Observability has matured as a problem space, a practice and a toolset. The environments for which observability is applicable now span on-prem and cloud infrastructure, n-tier and microservices architectures, owned and unowned networks, critical business processes, end-user experience, and now, AI models and agents. But most teams are still working across siloed tools that can't trace an application end-to-end—and the bar has moved from reactive detection to monitoring end-to-end on behalf of the end user, with baselines that catch issues before customers feel them.
2. Slow is the new down. Keeping systems up is table stakes—redundancy hides outages, and customers expect uptime. What they feel is latency, friction, and degradation—even when every component reports healthy. And what businesses lose is harder to recover: customer trust and revenue. Organizations no longer win by proving every component is healthy. They win by proving the business journey is healthy—and by finding the cause before customers feel the impact.

The path forward is unification.

Splunk Observability Cloud is our unified observability platform—one experience that brings together visibility across applications, infrastructure, networks, user experience, business processes, and AI.

If you've evaluated observability from Splunk before, it's worth another look. The platform today is not what you saw a few years ago. We've been busy.

We've brought the best of AppDynamics SaaS into Observability Cloud alongside major product delivery enhancements purpose-built for the modern stack, including:

• Business Transactions: Monitor the transactions and KPIs that capture the work your business depends on, with critical path-mapping that baselines normal performance and powers proactive alerts before issues reach end users.
• Business Journeys: Visualize and monitor critical end-to-end processes like checkout, order fulfillment, and loan processing.
• n-Tier Application Coverage: Comprehensive visibility into traditional and hybrid applications in a unified workflow.
• Application Security: Detect and prioritize application vulnerabilities and live exploits in production.
• Database Monitoring: Pinpoint slow queries and bottlenecks, correlated with application traces.
• Digital Experience Analytics: Combine real user monitoring with behavioral and sentiment insights to understand customer experience.
• AI SRE: Agentic AI that finds root cause, builds a plan, and guides teams to remediation.
• Agent Observability: Monitor the performance, quality, security, and cost of LLMs and agentic applications.
• Release Validation: Tag code and compare performance across releases and surface the root cause for any problems the new code may have generated.

AppDynamics remains an important part of our portfolio for customers in self-managed, air-gapped, or heavily regulated environments, and we will continue to innovate and deliver first-class support for those customers. But for organizations modernizing their architectures and adopting cloud-native, hybrid, and AI-driven workloads, Observability Cloud is where customers can standardize their observability practice.

How We Got Here—and Why It Matters

Splunk has been solving observability problems longer than most people realize.

Many know us as a cybersecurity and log analytics platform. But Splunk's origin story actually begins in 2003 with the need to troubleshoot software applications—specifically one our founders had built themselves, and for which they had no tools. They built something that pulled together the digital exhaust from their application and its environment, correlated it across the stack, and helped them get to root cause.

What they built was an observability platform; we just didn't call it that at the time.

As application architectures evolved, so did the tools we built. We added real-time, high-cardinality metrics for cloud-native and containerized environments, distributed tracing for microservices, real user and synthetic monitoring for digital experience, and as the project’s leading contributor, ignited the shift to OpenTelemetry as the industry standard for telemetry collection.

Coming together with Cisco in 2024 expanded what's possible even further — adding the deep business context that made AppDynamics special, network assurance through ThousandEyes, and most recently, AI observability capabilities to evaluate, monitor and govern AI agents across their development lifecycle.

Despite this convergence at Splunk and Cisco, we often saw something else happening in parallel in the market. Too often, organizations did not take the time to re-evaluate their monitoring strategies, and instead assembled their observability strategy by adding specialized tools and separate vendors, one for each layer, each team, each environment. This approach was pragmatic in some respects, but it also reinforced fragmentation: multiple tools, multiple data models, and war rooms full of dashboards that only provide a slice of the overall picture.

The result is something we hear consistently from customers: they have more data than ever; they have less confidence that they know what's actually going wrong; and they continue to experience every incident as a serialized declaration of innocence that lasts too long.

What "Unified Observability" Actually Means

"Unified" is one of the most overused terms in this category, so it’s worth being precise about what we mean.

Some people assume "unified" means we have logs, metrics, traces, and events together in one place. And, yes, of course we do. But unified observability is more than that.

At Splunk, unified observability means three things:

1. Unified across the data. Telemetry from applications, infrastructure, network, digital experience, security, and business processes is captured with shared semantics and connected at the data layer — so signals are correlated by design, not stitched together after the fact. Correlation, not just co-location. This is only possible because we've built on open standards: OpenTelemetry is foundational to the platform, not an add-on. Your data remains yours — you're not locked into proprietary approaches or forced ingestion models to get value.
2. Unified across the experience. A single console that takes teams from symptom to cause to business impact in one connected view — plus a unified way of making observability data available wherever it needs to go, including to the AI agents and automation increasingly working alongside humans. One Splunk MCP server, for example, exposes the full breadth of observability data and context through a consistent interface.
3. Unified across application types. Traditional n-tier systems. Hybrid environments. Cloud-native microservices. Multi-AI agent systems and AI-enabled applications. Not separate products to observe each environment or architecture — but one workflow that spans all of them.

And it must be economically sustainable.

Observability should scale with the value it delivers — not punish you for generating data. Customers are being asked today to pay for the same visibility multiple times, across different tools, teams, and pipelines. That's not sustainable. With simple, predictable pricing, no punitive overages, federation, pipeline control, and flexible architectures, observability becomes something you can scale with confidence — and a unified platform is what makes that economic model possible in the first place.

How Customers Move Forward

We've focused on making the path forward simple, regardless of where you're starting from.

• If you're already using Splunk Observability Cloud, you get all the capabilities that you already know and love — plus it’s been supercharged with business transactions, business journeys, n-tier app monitoring, database monitoring, code-level insights, AI SRE, digital experience analytics, app security, observability for AI and network observability.
• If you're a Splunk Platform customer using Splunk for log analytics, Splunk Observability Cloud is effectively a premium app on top of what you already have. It uses OpenTelemetry to collect and correlate metrics and traces with the logs you’ve already instrumented — with unified login through Splunk Cloud — so there's no double-publishing or double-paying for logs. You get best-in-class APM, Infrastructure Monitoring and Digital Experience Monitoring unified with the Log Analytics capabilities you already rely on Splunk for today.
• If you're using AppDynamics SaaS and want best-in-class, real-time observability across cloud-native, microservices, and n-tier applications, you can run both environments side by side and explore Observability Cloud at your own pace. More on this below.

What This Means for AppDynamics Customers

If you're an AppDynamics SaaS customer, you have a clear path forward — and a lot to be excited about.

For more than 15 years, AppDynamics has helped the world’s most impactful companies understand what their applications mean to their business. That’s not a small thing — and it’s a responsibility we carry forward with intention. The business transaction model AppDynamics pioneered is, frankly, why the rest of the industry talks about "business context" at all.

We are bringing that legacy forward, not leaving it behind.

Splunk Observability Cloud now brings forward everything AppDynamics does well — deep code-level diagnostics, the business-transaction lens, database visibility, executive-grade dashboards — and adds new capabilities for the next era of applications: cloud-native scale, OpenTelemetry openness, agentic AI teammates, and a single workflow that spans every app type your business runs.

It's everything you have today, plus everything the next decade of observability requires.

Three things make exploring Splunk Observability Cloud practical, on your timeline:

• Dual-reporting agents. Recent versions of the AppDynamics agent forward metrics and traces in OpenTelemetry format to both the AppDynamics back end and Splunk Observability Cloud simultaneously — no re-instrumentation required, and with significantly lower CPU and memory footprint than legacy agents.
• OpenTelemetry support simplifies data collection across all your environments using a standard your teams can agree on.
• AI-powered translation tools. For customers who've invested in custom metrics, dashboards, or alerts in AppDynamics, our translation tool lets you see what you have today in AppDynamics and what it looks like in Splunk Observability Cloud — side by side. AppDynamics continues to be the right choice — and a continued area of investment — for self-managed, air-gapped, or heavily regulated environments.

This isn't a migration you're being pushed into — it's an expansion you control. Run both environments side by side, with no re-instrumentation and no disruption to what's working today.

If you've been an AppDynamics customer, your feedback has shaped what Splunk Observability Cloud has become. We're not asking you to leave something behind. We're inviting you forward into the platform your input helped build.

Why This Matters Now

AI makes unified observability more urgent.

AI isn't just another workload. It changes how systems are built and operated — and it raises the stakes on observability in three specific ways:

1. AI-generated code is compressing the software lifecycle. Coding agents are shipping more code, faster, with less human review. Observability now must catch problems humans didn't write.
2. AI systems fail in new ways. Hallucinations, agent loops, prompt injection, token cost spikes. These aren't traditional performance problems, and traditional APM can't see them. AI evaluation and observability have to be a first-class capability — not a bolt-on.
3. AI infrastructure is expensive and unpredictable to scale. GPU utilization, inference costs, and model drift are becoming line items on the CFO's desk. Observability is now a cost-governance tool, not just a reliability tool.

The platform you choose today needs to support the systems you'll be running 18 months from now — not just the ones you ran 18 months ago. That's why we've built Agent Observability, including integration with Cisco AI Defense, directly into Splunk Observability Cloud — and why Cisco and Splunk are charter members of Project Glasswing, Anthropic's initiative to defend critical infrastructure against frontier AI threats. In a world where models like Claude Mythos can compress the time-to-exploit window from months to under 20 hours, the difference between seeing what's happening in your stack and not seeing it is now measured in hours.

Cisco’s recent acquisition of Galileo will supercharge these capabilities with world-class, low-cost evaluations that enable you to observe 100% of agents without the need for sampling, and real-time guardrails to stop inaccurate and harmful outputs.

A Clear Direction Forward

What I hear from customers consistently is simple: They need less fragmentation, more clarity, and a clear sense of direction from the partners they trust.

This is exactly where we are going with Splunk Observability Cloud — unified by design, open by default, and built for what comes next.

Don't just choose a partner for the systems you have today. Choose one with the capacity to grow with you as your requirements evolve.