Are Observability Cloud offerings available on-prem?
No, Observability Cloud offerings are cloud only. However, we can monitor both on-prem and cloud environments. See https://www.splunk.com/en_us/app-integrations.html for a more comprehensive list of integrations.
Can I purchase additional products with Observability Cloud editions?
Yes, Splunk On-Call, Splunk Synthetic Monitoring and Splunk Enterprise Cloud are available and recommended as add-ons for Observability Cloud Standard and Plus. Of course, you can also purchase any other Splunk product standalone.
Are the Observability Cloud editions available in my region?
Currently Observability Cloud editions are only available for purchase in the Americas, but you can purchase Observability Cloud standalone globally.
What is the difference between Observability Cloud Standard and Plus?
Currently Observability Cloud Plus includes everything in Observability Cloud Standard plus Splunk Real User Monitoring (RUM) for digital experience monitoring capabilities, extending back-end visibility to the front-end.
How do you measure the number of hosts?
A host is a physical (in non-virtualized environments) or virtual instance (in virtualized or public cloud environments) reporting metric data to Splunk Observability Cloud.
We count the total number of unique hosts reporting data to Splunk Infrastructure Monitoring on an hourly basis, then calculate the average of those hourly measurements across each billing month. We bill you using that average calculation.
We count the total number of unique hosts reporting to Splunk APM per minute, then calculate the average of these per minute measurements across each billing month, as well as 50% of the peak of all the per minute measurements of the billing month. The higher value of the two will determine the use for that month.
What is a Standard Metric and what is a Custom Metric?
A metric is defined as the unique combination of a metric name and its dimension values. For example, a metric name of api.call.count that has a hostname dimension with 100 values would generate 100 unique metrics.
Standard metrics are the system and service metrics sent by default by Smart Agent in addition to those reported by supported public cloud providers (Amazon Web Services, Microsoft Azure, Google Cloud Platform) for hosts and containers. Standard metrics are included as part of a host or container subscription.
Metrics reported to Splunk Infrastructure Monitoring and Splunk APM outside of standard metrics are considered custom metrics. Custom metrics are typically used for application monitoring, such as counting the number of API calls or measuring the duration of API requests.
What are high-resolution metrics and when should I use them?
High-resolution metrics are processed by Splunk Infrastructure Monitoring and Splunk APM at their native resolution or at 1-second resolution (whichever is coarser). In contrast, metrics that are not designated as high resolution are processed by Splunk Infrastructure Monitoring and Splunk APM at the coarser of their native resolution or 10-second resolution. High-resolution metrics enable exceptionally fine-grained and low-latency visibility and alerting for your infrastructure, applications and business performance.
When should I consider usage-based pricing?
Usage-based pricing is well suited for monitoring serverless environments or cloud services that don’t provide a view of underlying hosts. It is also ideal for customers who want granular control of their monitoring service spend.
How many containers can I monitor with a host-based subscription plan?
Our Standard Edition comes with an allocation of 10 containers per host, while the Enterprise Edition provides 20 containers per host. This allocation is pooled, rather than tied to each of your specific hosts. For example, if you purchase an Enterprise subscription for monitoring 10 hosts, you can monitor 200 containers (10 hosts x 20 containers) spread across all 10 of those hosts. If you need additional container capacity, you can either purchase container capacity a la carte per container/month, or purchase more host-based licenses.
How do you provide security for my data?
Splunk Infrastructure Monitoring and Splunk APM were designed from the ground up with security as a key tenet, using best-in-class technologies, infrastructure, and development practices to safeguard customer data while delivering low latency, and real-time performance.Splunk Infrastructure Monitoring and Splunk APM ensure data security by using TLS 1.2 for data in motion and encrypting customers’ secrets data in rest using AES 256 bit encryption. Splunk Infrastructure Monitoring and Splunk APM currently hold the SOC 2 Type 2 attestation covering the trust criteria for security, availability, and confidentiality. For details on how Splunk Infrastructure Monitoring and Splunk APM are keeping your data secure, please refer to our security whitepaper.
How do you handle overages?
Splunk Infrastructure Monitoring and Splunk APM provide complete transparency, flexibility, and control to meet your usage needs. Monthly charges are based on average usage during the month, so overages are incurred only if the average monthly usage is above your allocation.You get transparent and daily detailed reports on all monitored hosts, containers, and metrics. You can enable proactive alerts as you approach your purchased capacity, and you can control how to right-size your deployments by purchasing additional capacity or dialing back usage. You can also manage and monitor Splunk Infrastructure Monitoring and Splunk APM usage across your organization. By allocating tokens to your internal teams, you can manage usage at the individual team level.
Do you provide volume discounts?
Volume discounts are available for each of our plans. Contact us for details.
What is infinite logging? And how does this relate to ingested and indexed data?
Infinite logging enables you to bring in all your observability logs to Splunk Log Observer. With Infinite logging, you can dial in logs you want to shape with context and be readily searchable, and logs you want to see once in a live tail view, then direct for compressed storage in storage you own (for example, Amazon S3).
So, do I buy hosts, or do I buy usage?
Splunk Log Observer is designed to provide pricing that is easy, but also, can be tailored to “o11y” your needs. For many customers, all you need to do is count the number of hosts you’re logging from. Each host provides a generous amount of built-in indexing and ingestion. If you have a lot of logs per host - perhaps a lot of debug logs, you can add indexing and/or ingest capacity.
What happens if there is an overage - I sent more logs than I purchased?
First, don’t worry! Unless we see an extraordinary volume, we won’t stop logging or billing you more. We’ll reach out, let you know what we’re seeing, and see what the right path is. Perhaps there were logs you weren’t anticipating, and our pipeline management can filter that out. Or, you really have a lot going on and you need to log it - we’ll figure it out together.
I’m already a Splunk Cloud customer, can I apply some of my capacity to pay for this amazing product?
Let’s talk! Just reach out to your account manager and we’ll figure out the best path for you.
Is Splunk Log Observer a standalone product that I can purchase on its own?
No, not at this time. Splunk Log Observer offers some new experiences in exploring logs, devops-oriented log consumption and live tail capabilities that your developers and SREs will love. But, those capabilities shine most when you can move from an exemplar trace to a log in one click, or see in a single click whether your infrastructure is contributing to performance issues that are written out in logs.