What’s new in Splunk IT Service Intelligence

This time last year, at .conf2015, we introduced Splunk IT Service Intelligence (ITSI) to the world and it’s been a fantastic first year – customers all over the world have chosen ITSI to transform service monitoring and IT operations through machine data-driven analytics.

Surrey Satellite Technology_Daniel Nye_1On Tuesday morning at .conf2016, we had the opportunity to announce what’s new with ITSI. The newest release builds on where we started with ITSI, simplifying service operations with advanced event analytics and delivering business and service context to help prioritize incident investigation.  As promised, we continue to innovate with machine learning to reduce the complexity in rules and threshold management with real-time correlations, predefined semantics and base-lining behavior operational patterns. Let’s dig into the new capabilities:

Simplify Operations with Machine Learning

What’s normal activity for 2pm on a Monday is likely very different from normal activity for 2am on a Saturday, and you can work with ITSI to identify these differences to ensure that only what’s relevant and important and notable events come through as alerts. ITSI lets every IT practitioner, not just data scientists, take advantage of machine learning to identify normal vs abnormal behavior and use advanced measurements to dynamically adapt thresholds. ITSI uses real-time, multivariate anomaly detection seamlessly in the product and combines event data with advanced analytics to reduce event clutter, false positives and extensive rules maintenance.


Cox Automotive_Ken Gavranovic_1

Improved Incident Prioritization

ITSI is focused on improving the signal to noise ratio with IT monitoring, reducing the effort wasted sifting through vast numbers of event data by filtering, tagging and sorting events based on priority. You can quickly tag, index, enrich and add context to events in ITSI to make event management more informative and more actionable. Also, with ITSI, you can easily integrate with incident management applications like ServiceNow or BMC Remedy or build your own custom integrations to initiate incident workflows and remediation processes.


Getting Up and Running Faster with ITSI Modules

Splunk ITSI Modules include built-in data access and pre-packaged dashboards, to deliver deep, service-oriented insights into individual technology domains like application servers, databases, load balancers, operating systems, virtualization, web servers, storage, cloud services and mobile end user experience. Modules are purpose-built for ITSI and are designed to make it easier and faster to get up and running with ITSI. ITSI Modules can be easily mapped to services, KPIs and entities as well as easily configured with guided in-browser module configurations. Customers and partners can even develop their own modules via the ITSI Module Builder Tools (link to>


Getting Started

As you can see, this latest release of Splunk ITSI is packed with great features to make IT monitoring smarter and more effective. Ready to dig in?

Jon Rooney

Posted by