Splunk Infrastructure Monitoring Features

Open, flexible data collection

Splunk Distribution of the OpenTelemetry Collector

Splunk is a founding member of and active contributor to the OpenTelemetry project, and Splunk Infrastructure Monitoring (IM) is built to support open source and open standards-based instrumentation so you have full control of your data. The OpenTelemetry Collector uses pipelines to receive, process and export trace data with components known as receivers, processors and exporters. You can also add extensions that provide the OpenTelemetry Collector with additional functionality, such as diagnostics and health checks. Instrument once as you build, expedite time-to-value and avoid vendor lock-in.

Metrics pipeline management and visibility into usage

Metrics pipeline management

Control metrics volume at the point of ingest, without re-instrumentation, to optimize observability spend. Aggregation and data-dropping rules make it easy to control which metrics you ingest and store before they are ingested. This helps you keep the metrics you need and discard the less important high-cardinality metrics you don’t. To keep costs under control, you’ll only pay for what you store.


Metric time series (MTS) creation and usage analysis

Monitor use and avoid overages with detailed usage reports. Detailed MTS creation and usage analysis provide usage transparency. Information on MTS usage in our platform, cardinality, and distribution across teams/tokens helps users identify optimization opportunities.

Complete visibility across any environment

Full-stack observability

Infrastructure and application performance are interdependent. To see the full picture, Splunk IM provides seamless correlation between cloud infrastructure and the services running on top of it. Splunk will let you know if your application acts up because of a memory leak, a noisy neighbor container or any other infrastructure-related issue. Splunk IM is also cloud agnostic. Splunk ingests metrics and metadata through integrations with all of the popular cloud providers and their services (e.g., AWS, Azure, GCP) for fast time to value without the need to manage agents or plugins.

Deep data linking with Splunk Platform, logs in Observability Cloud

Carry the context of your chart into solutions like Splunk Enterprise or Splunk Cloud for deeper insights with the Content Pack for Splunk Infrastructure Monitoring. Log Observer Connect also centralizes observability log data alongside metrics in Splunk IM to eliminate context switching, shortening root cause analysis. Log views in dashboards combine log messages and real-time metrics together on one page with common filters and time controls for faster in-context troubleshooting.

300+ OOTB integrations

Splunk supplies hundreds of ready-to-use integrations with popular OSS, cloud infrastructure and services. Integrations automatically pull standard metrics from the services and feed them into pre-built dashboards for rapid visualization. Integrations go beyond just ingesting data and extend to incident response systems, like Splunk On-Call, for rapid issue resolution.

Automatic cloud network visibility

Using Extended Berkeley Packet Filter (eBPF) technology, Splunk IM’s Network Explorer collects fine-grained network telemetry data and correlates it with application metadata to provide a real-time view of all known and unknown service dependencies. Automatically detect and separate network outages from application issues in seconds.

Visibility for serverless functions

Splunk monitors the most popular FaaS services (AWS Lambda, Azure Functions, Google Cloud Functions) with Function Wrappers that provide metrics on total invocations, errors, durations and more, in seconds.

Analytics and interactive visualizations in real time

Real-time streaming analytics

Unlike traditional systems that use a slow batch model to run analytics on metric time series data, Splunk Infrastructure Monitoring applies analytics on metrics in-flight using a streaming pub/sub bus. When there is downtime, every second counts. Only a streaming architecture can ingest, analyze and alert quickly enough to keep small issues from impacting your customers in a big way.

Instant, contextualized visibility (within seconds)

Automatically pull in standard metrics across your environment and feed them into pre-built, high-resolution dashboards for rapid visualization. Customize visualization by cloning and editing from out-of-the-box, curated dashboards to highlight exactly what matters most. Whether built-in or customized, visualize charts and dashboards that update in real-time with the metrics that matter most to you.

Alerting built for action

Sophisticated analytics functions

Go beyond raw metric data and basic functions. Use over 20 sophisticated analytics functions to gain a deeper understanding of patterns and trends.

Intelligent problem detection

With built-in data science, Splunk instantly and accurately alerts on dynamic thresholds, multiple conditions and complex rules to dramatically reduce MTTR. Splunk also enables predictive analysis, high-cardinality slice and dice, and rich analysis of business metrics.

Adaptive alert conditions

Reduce alert storms. Point and click alert conditions with dynamic thresholds and automatic baselining leverage data science instead of static thresholds for no-noise alerts. Preview these alerts to simulate and fine-tune.

Beyond performance metrics

Custom metrics

Easily instrument custom metrics that go beyond basic infrastructure health metrics (latency, errors, saturation, traffic, CPU, memory usage), so you can triage and diagnose issues based on their impact on your business.

Composite metrics for business KPIs

Business and application owners can measure relevant KPIs and derive insights such as customer churn rate, success ratios and products sold per second from one single pane of glass across engineering teams.

Best-in-class Kubernetes monitoring

Kubernetes navigator

Kubernetes navigator is a turnkey and enterprise-grade monitoring solution for even the largest of Kubernetes environments. It provides an intuitive way to understand and manage the performance of Kubernetes environments.

Dynamic cluster maps

Automatically discover and visualize the Kubernetes objects, their health and performance of container resources with dynamic cluster maps and pre-built dashboards.

Enterprise-ready scale and agility

High-cardinality metastore

Designed with an independent data store optimized for your human-readable metadata, Splunk IM treats all dimensions and tags the same. Search by any combination of dimensions is equally efficient and fast, even with high-cardinality metrics.

Programmable APIs

Splunk enables self-service with control for Agile developers moving at innovation speed. Adopt monitoring-as-code by automatically building dashboards with Splunk APIs and SignalFlow Analytics Language. Make sophisticated ad-hoc queries or create charts and alerts at scale via programmable APIs with a monitoring-as-code approach enabled by the Terraform provider.

Integration with CI/CD tools

Enable your DevOps teams to perform frequent code pushes with integrations into the CI/CD toolchain (Jenkins, Ansible, ZooKeeper, etc.).

Mirrored dashboards

Effortlessly share charts or dashboards across your teams while maintaining granular access controls. Create Mirrored Dashboards from standard templates with automatic propagation of changes to maintain consistency across the organization.

Enterprise consumption and access controls

Achieve agility without losing control over usage, access and permissions. Control costs with capacity-limited tokens for self-service development and ops teams. Enable access to dashboard detectors by certain users and/or teams.

Simplified pricing

Splunk offers flexible billing that scales with you, with one simple pricing metric and no punitive overages if your actual usage changes.

Industry certified, customer trusted

HIPAA compliance

HIPAA (Health Insurance Portability and Accountability Act of 1996) is United States legislation that provides data privacy and security provisions for safeguarding medical information. The Security Standards for the Protection of Electronic Protected Health Information, commonly known as the HIPAA Security Rule, establishes national standards for securing patient data that is stored or transferred electronically. The complete Splunk Observability portfolio, including Splunk IM, is HIPAA compliant.

SOC2 compliance

SOC2 is a component of the American Institute of CPAs (AICPA)’s Service Organization Control reporting platform. Its goal is to make sure that systems are set up so they assure security, availability, processing integrity, confidentiality and privacy of customer data. Splunk Infrastructure Monitoring goes through SOC2 compliance on an annual basis and focuses on security, availability and confidentiality.

Splunk Protects

Splunk Protects is our promise to secure your data. We are committed to global and industry compliance standards. We prepare for incidents and we help you prepare, respond and remediate.

Support and Services

Splunk Training

Splunk Training is the place for coursework on specific Splunk topics and learning paths to take you from novice to power user. Learn to monitor your infrastructure, create rich reports and visualizations from scratch and more.

Customer Success

Don't go at it alone — we can help. Your success is our top priority. Splunk offers a variety of support and professional services options that address your business needs and help you harness the value of Splunk.
