Flexible & simple pricing for any scale

Observe, troubleshoot and respond with Splunk’s observability solutions built to fit your environment at any scale. Get started easily with predictable pricing for Splunk® Infrastructure Monitoring, Splunk APM, Splunk Log Observer, or Splunk RUM to address your specific use cases and operational pain points.

Splunk Infrastructure Monitoring Pricing

Standard
$15
per host monthly, billed annually
Per MTS*
*Metric Time Series
Enterprise
$25
per host monthly, billed annually
Per MTS*
*Metric Time Series
Containers Per Host

A lightweight, executable package of software that includes application binaries, dependencies and system runtimes.

10 20
Custom Metrics Per Host

Any metric type sent to Splunk Infrastructure Monitoring other than those sent via standard integrations (e.g. emitted from the Smart Agent). Custom metrics by default have 10sec resolution. Resolution is the data collection time interval or the intervals for displaying metrics on a chart.

100 200
High-resolution Metrics

Metrics that are sent into Splunk Infrastructure Monitoring at 1sec intervals. This allows your graphs and detectors to display or analyze data instantly, which is especially valuable for short-lived infrastructure like containers and serverless functions.

10 50
Data Retention (1min Roll-ups / 1sec Native)

Storage policy that sets how long data will be saved in Splunk Infrastructure Monitoring datastore. Splunk Infrastructure Monitoring allows you to retain metric data for week-over-week, month-over-month, or year-over-year for historical analysis and backtesting on alerts using your own data to fine tune alert conditions.

13 months / 8 days 13 months / 3 months
Live Support

Best in class live technical support team providing break-fix support, operational maintenance, and premium support services.

Standard
8×5 Email
Premium
24×7 Email & Phone
8×5 Chat
Architecture
Streaming Analytics

Splunk Infrastructure Monitoring metric time series are routed directly to charts, detectors, analytics jobs using a streaming pub/sub bus. Visualize and alert in seconds, instead of minutes or hours as with legacy batch-based monitoring tools.

High Churn Metadata Store

Designed with an independent data store optimized for your human readable metadata, Splunk Infrastructure Monitoring treats all dimensions and tags the same. Search by any combination of dimensions is equally efficient and fast even with high cardinality metrics.

Dynamic Lag Adjustment

Splunk Infrastructure Monitoring handles irregularities in data dynamically by adjusting rollup windows to ensure the highest accuracy charts.

Automated Time Series Aggregation (Quantizer™)

Splunk Infrastructure Monitoring calculates pre-aggregations such as percentiles, growth rates, etc. for the most reliable health checks of your environment. Get significantly faster visualizations compared to others that take minutes or even hours to query.

Instrumentation
OpenTelemetry Data Ingestion and Auto-Discovery

Lightweight open-source based agent for Linux and Windows with automated discovery services running on hosts and dynamic configuration of data collection plugins. Simple to set up for fast time to value. Visualize data at up to 1second resolution.

Service Integrations

Splunk Infrastructure Monitoring supplies hundreds of ready to use integrations with popular OSS, cloud infrastructure and services for fast time-to-value. Integrations automatically pull standard metrics from the services and feed them into pre-built dashboards for rapid visualization.

Cloud API Integration with AWS, Azure, GCP, and PCF

Splunk Infrastructure Monitoring ingests metrics and metadata with integrations into all of the popular cloud providers and theirs services (e.g, AWS ECS, Azure Functions, GCP BigTable, etc.) for fast time to value without the need to manage agents or plugins.

Function Wrappers for Serverless Integration

Splunk Infrastructure Monitoring monitors the most popular FaaS platforms (AWS Lambda, Azure Functions, Google Cloud Functions) with Function Wrappers that provide metrics on total invocations, errors, durations, etc. in seconds

Analytics
Kubernetes Analyzer

Expedite triaging and troubleshooting leveraging AI-driven analytics which automatically surfaces actionable insights and recommendations

Patented Data Science Analytics (SignalFlow™)

SignalFlow™ streaming analytics engine applies sophisticated and programmable data science models on streaming data to unlock insights in real-time; this is opposed to the black-box analytics that most legacy monitoring vendors currently provide

Predictive Analytics

Advanced forecasting of your infrastructure extrapolates the future state of your resources and services so you can determine scaling issues before they happen.

High Cardinality Slice and Dice

Filter, slice and dice, and drill down on data to conduct complex analytics across metric time series in parallel. Up to 5x more MTS capacity than others with more sophisticated statistics. Ideal for organizations moving to DevOps, containers and serverless functions

Composite Metrics for Business KPIs

Business and application owners can measure relevant KPIs and derive insights such as customer churn rate, success ratios, cache hit rates, products sold per second, etc. from one single pane of glass accros developers and ops teams.

Calendar Window Analytics

Splunk Infrastructure Monitoring analytics functions can be calculated over true calendar intervals to provide even relevant business context to charts

Visualization
Kubernetes Navigator

Pre-built, curated visualization to easily and intuitively understand the health of the entire Kubernetes environment: clusters, nodes, pods, containers, and workloads

Instant Discovery and Visualization (Seconds)

Insights into your dynamic environments (e.g., VMs, containers, serverless functions) within seconds, instead of minutes or hours that legacy batch-based monitoring tools provide.

Infrastructure Navigator

See a live heatmap of your entire infrastructure in one single unified view.

Live Streaming Charts and Dashboards

Whether built-in or customized, visualize charts and dashboards that update in real-time with the metrics that matter most to you instead of waiting minutes if not hours with most batch querying monitoring tools.

100+ Pre-Built Dashboards for Popular Services

Immediate visibility into the technologies and services being used in your environment with Splunk Infrastructure Monitoring best practice pre-built dashboards.

Charts as Code

Splunk Infrastructure Monitoring provides an interface to convert charts from code and vice versa enabling monitoring as code use cases. Ideal for organizations moving to DevOps and centralized observability teams.

Data Links

Carry the context of your chart into third-party solutions in your toolchain such as logging for deeper insights, shortening root cause analysis and avoiding expensive ripping and replacing of tools.

Alerting
Instant Alerting

Alert on patterns and identify anomalies in seconds, instead of minutes as with legacy batch-based monitoring tools that can result in lengthy downtime or persistent performance issues.

Adaptive Alert Conditions

Point and click alert conditions with dynamic thresholds and automatic baselining that leverages data science algorithms for consistent no-noise alerts, instead of static thresholds that set off alert storms.

Alerts Creation Wizard

Comprehensive library of data science-driven functions democratizes data science for every use to easily create composite metrics and customize sophisticated alert rules unique to the critical alerts you need to monitor the health of your business.

Alert Preview

Splunk Infrastructure Monitoring provides alerting simulations that backtests alerts on historical data to enable fine-tuning, accuracy, and prevention of alert storms.

Enterprise DevOps
Programmable APIs

Self-service with control for moving at DevOps speed. Control costs with capacity limited tokens for self-service development and ops teams. Enable access to dashboard detectors by certain users and/or teams.

Detailed Usage Report (Service Bureau)

Get up-to-date insights into your use of Splunk Infrastructure Monitoring so you can monitor your usage and avoid black-box overages.

Mirrored Dashboard (Service Bureau)

Create dashboard copies from standard template with automatic propagation of changes to maintain consistency across the organization without manual work

Permissions and Teams Management (Service Bureau)

Self-service with control for moving at DevOps speed. Control costs with capacity limited tokens for self-service development and ops teams. Enable access to dashboard detectors by certain users and/or teams.

Multi-Org Support (Service Bureau)

Splunk Infrastructure Monitoring provides single consolidated billing across all users and organizations in an enterprise organization

Cloud Cost Optimizer

Reduce CapEx with a comprehensive view of your entire cloud infrastructure costs and capacity to better optimize spend and select the appropriate resource types.

We offer significant volume discounts

Splunk APM Pricing

Standard
$55
per host monthly, billed annually
Per TAPM*
*Trace Analyzed Per Minute
Enterprise
$85
per host monthly, billed annually
Per TAPM*
*Trace Analyzed Per Minutte
Containers Per Host

A container is a lightweight, executable package of software that includes application binaries, dependencies and system runtimes.

10 20
Monitoring MetricSets

A set of metrics created by default for certain components in a monitored distributed application and designed to alert on changes in application performance. A Monitoring MetricSet includes metrics such as request rate, error rate, and latency percentiles.

20 40
Troubleshooting MetricSets

A set of metrics created by default for certain components in a monitored distributed application and designed to enable detailed analysis and troubleshooting of an application. A Troubleshooting MetricSet includes metrics such as the request rate, error rate, root-cause error rate and latency percentiles.

200 400
Trace Volume Ingested (per min)

The amount of trace data per minute that customers pay for to be ingested by the Splunk APM system.

10.24 MB 20.48 MB
Monitoring MetricSet

A set of metrics created by default for certain components in a monitored distributed application and designed to alert on changes in application performance. A Monitoring MetricSet includes metrics such as request rate, error rate, and latency percentiles.

5 per 1,000 TAPM 10 per 1,000 TAPM
Troubleshooting MetricSet

A set of metrics created by default for certain components in a monitored distributed application and designed to enable detailed analysis and troubleshooting of an application. A Troubleshooting MetricSet includes metrics such as the request rate, error rate, root-cause error rate and latency percentiles.

50 per 1000 TAPM 100 per 1000 TAPM
Trace Volume Ingested (bytes per min)

The amount of trace data per minute that customers pay for to be ingested by the Splunk APM system.

10*256*TAPM 20*256*TAPM
Support

Best in class live technical support team providing break-fix support, operational maintenance, and premium support services.

8×5 Email 24×7 Phone & Email, 8×5 Chat
Architecture
NoSample™ Full-Fidelity Trace Retention

Splunk APM ingest ALL traces and spans in a microservices-based application

Trace and Span Metricization

Splunk Smart Gateway™ turns every span and trace into metrics to create pre-built service monitoring dashboards, fire precise alerts, and determine performance baselines at granular span and trace level.

Instrumentation
Auto-instrumentation - Java, Python, Ruby, Node.js, Go, PHP, .Net

Splunk APM provides open source agents and libraries to automatically instrument popular frameworks (Java, Node, Python, Ruby, etc.). Auto-instrumentation gives instant visibility into OSS frameworks such as Spring Boot, Cassandra, Flask etc.

OpenTelemery Data Ingestion

Splunk APM integrates with system-wide observability sources such as service mesh (Istio and Envoy) and transparently collects metrics and traces to enable service monitoring and distributed tracing use cases with minimal instrumentation.

Support for Service Mesh: Istio, Envoy and Linkerd

Splunk APM supports open, vendor-neutral instrumentation based on OpenTracing, OpenCensus, and Zipkin giving customers complete flexibility and choice for instrumenting their application.

Visualization
Dynamic Service Maps

Dynamically generated service maps give out-of-the-box, instant visibility into real-time service interactions, dependencies, and performance. Service maps enable quick visualization of services with frequent errors and instant isolation of slow performing services.

Unified Service Dashboards

Single-pane-of-glass view from a single dashboard to get insights on application and infrastructure performance. Unified dashboards enable quick triage of the root cause of a performance issue.

Latency and Error Histograms

Automatically display percentile distribution of traces and spans. Thanks to its NoSample architecture, Splunk APM histograms provide a more accurate representation capturing all relevant datapoints and making it easier to isolate outlier traces.

Trace Navigator

Splunk APM allows to visualize traces with thousands of spans using Google maps like experience to quickly zoom-in and zoom-out, display only inter-service spans to isolate the right trace.

Alerting & Troubleshooting
Service Alerting with Trace Context

Accurate alerting on service performance within the context of a trace to expedite the root-cause analysis. Create granular alerts on service performance. Splunk APM alerts automatically maintain the correct time context to quickly isolate the traces for debugging and troubleshooting.

Span to Infrastructure Correlation

Splunk APM enables to visually correlate infrastructure to application performance at a granular span-level from a single-pane of glass view. Splunk APM captures the host metrics where the application is running and correlates them with span performance to determine the root cause.

Historical Performance Comparison

By comparing trace and span performance with historical benchmarks, users determine the normal performance behavior to validate the success of every code release Splunk APM provides intuitive visualization for teams to quickly ascertain what is the normal performance for a span or traces

Data Links

Data links enable context-aware workflows across metrics, traces and logs to quickly troubleshoot a performance issue. Start with dashboards powered by metrics or traces and deep link to logs to get contextual insights.

Trace Analytics
Latency contribution analysis

Smart Gateway analyzes every transaction by applying patented statistical models to identify anomalous trace and span data. Splunk APM retains the representative anomalous traces for further debugging and troubleshooting

Infinite Cardinality Trace Search and Analytics

The ability to breakdown ALL traces and observe application behavior for every container, service names, operations, organization IDs, or any other important business logic

AI-Driven Directed Troubleshooting

Sophisticated data science and advanced statistics designed to point to root cause of errors and issues. All other definitions stay unchanged

Tag Spotlight

Analyze and understand the behavior of traces and errors based on all your indexed tags in a single unified view to accelerate troubleshooting

Business Workflows

Measure Important KPIs. Track how services impact the overall business simply by clicking on the service map.

How much can you save with Splunk?

 

Splunk Log Observer Pricing

Most Popular
Standard
Starting at
$6.25
$6.25
7.5 GB per host monthly
billed annually
Contact Us
Enterprise
Starting at
$12.50
$12.50
15 GB per host monthly
billed annually
Contact Us
Standard
Contact Us
Enterprise
Contact Us
Or, if you prefer, pricing per ingest GB (per host monthly, billed annually)
Or, if you prefer, pricing per indexed GB (per host monthly, billed annually)
$0.10 $5.00 $0.12 $6.00
Architecture
Infinite logging - ingest everything, index as needed
Pipeline management - shape inbound logs for context and value
Trace and span metricization
Instrumentation
Support for OpenTelemetry
Connectors for AWS Cloudwatch, Kubernetes, Fluentd, and other popular log streaming services
Visualization
Connect Metrics and Traces to logs
Log Explorer - No code explorations of log data
Metricization of log data
Live Tail
Standard
$10
$6.25
7.5 GB Per host/ month*
Contact Us

What You Get

Starter functionality priced for small (but mighty) teams.

Architecture
Pricing per ingest
Pricing per index
$0.10 $5.00
Infinite logging - ingest everything, index as needed
Pipeline management - shape inbound logs for context and value
Trace and span metricization
Instrumentation
Support for OpenTelemetry
Connectors for AWS Cloudwatch, Kubernetes, Fluentd, and other popular log streaming services
Visualization
Connect Metrics and Traces to logs
Log Explorer - No code explorations of log data
Metricization of log data
Live Tail
Enterprise
$45
$12.50
15 GB Per host/ month*
Contact Us

What You Get

Looking for more than alerting? With Enterprise, cross-functional teams access reporting, alert routing and more to own on-call.

ARCHITECTURE
Pricing per ingest
Pricing per index
$0.12 $6.00
Infinite logging - ingest everything, index as needed
Pipeline management - shape inbound logs for context and value
Trace and span metricization
Instrumentation
Support for OpenTelemetry
Connectors for AWS Cloudwatch, Kubernetes, Fluentd, and other popular log streaming services
VISUALIZATION
Connect Metrics and Traces to logs
Log Explorer - No code explorations of log data
Metricization of log data
Live Tail

How much can you save with Splunk?

 

Splunk RUM Pricing

Standard
$14 $14
Per 10,000 sessions/month,
billed annualy ($17 monthly)
Contact Us
Enterprise
$18 $18
Per 10,000 sessions/month,
billed annualy ($21 monthly)
Contact Us
Feature
Starter
Contact Us
Growth
Contact Us
Enterprise
Contact Us
TMS Cardinality Limit (Per Minute) 200 400
Session Volume (per 10k session per month) 30 GB 60 GB
Support 8x5 (Email) 24x7 Phone and Email, 8x5 chat
Architecture
NoSample Full-Fidelity Session Retention
Trace and span metricization
Instrumentation
Support for OpenTelemetry
Visualization
RUM to APM linkage
Web Vitals Support
Latency and error histograms
Session Navigator
Alerting & Troubleshooting
Historical performance comparison
Session Analytics
Latency contribution analysis
High-Cardinality Session Search and Analytics
AI Driven Intelligent Troubleshooting
Standard
$14 $14
Per 10,000 sessions/ month billed annually
($17 monthly)
Contact Us

TMS Cardinality Limit (Per Minute)
200
Session Volume (per 10k session per month)
30 GB
Support
8x5 email
Architecture
NoSample Full-Fidelity Session Retention
Trace and span metricization
Instrumentation
Support for OpenTelemetry
VISUALIZATION
RUM to APM linkage
Web Vitals Support
Latency and error histograms
Session Navigator
Alerting & Troubleshooting
Historical performance comparison
Session Analytics
Latency contribution analysis
High-Cardinality Session Search and Analytics
AI Driven Intelligent Troubleshooting
Enterprise
$18 $18
Per 10,000 sessions/month, billed annually
($21 monthly)
Contact Us

TMS Cardinality Limit (Per Minute)
400
Session Volume (per 10k session per month)
60 GB
Support
24x7 Phone and email
8x5 chat
ARCHITECTURE
NoSample Full-Fidelity Session Retention
Trace and span metricization
Instrumentation
Support for OpenTelemetry
Visualization
RUM to APM linkage
Web Vitals Support
Latency and error histograms
Session Navigator
ALERTING & TROUBLESHOOTING
Historical performance comparison
SESSION ANALYTICS
Latency contribution analysis
High-Cardinality Session Search and Analytics
AI Driven Intelligent Troubleshooting

How much can you save with Splunk?

 

Splunk Synthetic Monitoring Pricing

Standard Enterprise
Browser Tests
$12 $12
Per 1,000 Runs Monthly,
Billed Annually
API Tests
$4 $4
Per 10,000 Runs Monthly,
Billed Annually
Uptime Tests
$1 $1
Per 10,000 Runs Monthly,
Billed Annually
Contact Us
Browser Tests
$20 $20
Per 1,000 Runs Monthly,
Billed Annually
API Tests
$6 $6
Per 10,000 Runs Monthly,
Billed Annually
Uptime Tests
$2 $2
Per 10,000 Runs Monthly,
Billed Annually
Contact Us
Feature
Starter
Contact Us
Growth
Contact Us
Enterprise
Contact Us
Global Synthetic Testing Locations
18 49
Data Retention
45 days / 13 months 180 days / 25 months
Browser Tests
Splunk Web Optimization Access
Browser Performance Metrics
50+ 50+
Business Transaction Timers
Screenshots on Errors
Competitive Benchmarking
Waterfall Charts
Custom User Timing Metrics
Video Playback & Filmstrips
Browser & API Tests
Transactional Flows
Request and Response Headers
Visualizations
Availability / SLA Metrics
Pre-built Dashboards for Popular Performance Metrics
Scheduled Custom Reports
Public Status Pages
Alerting & Troubleshooting
Text and Phone Notifications
Webhook & Data Integrations
Customizable Alert Payloads
Share Links
User & Account Management
Number of Users
Unlimited Unlimited
Programmable APIs
Multi-Org Support
Permissions and Team Management
Live Support
Email & Chat Email & Chat
Standard
Browser Tests
$12 $12
1,000 Runs Monthly
Billed Annually
API Tests
$4 $4
10,000 Runs Runs Monthly
Billed Annually
Uptime Tests
$1 $1
10,000 Runs Monthly
Billed Annually
Contact Us

Global Synthetic Testing Locations
18
Data Retention
45 days / 13 months
BROWSER TESTS
Splunk Web Optimization Access
Browser Performance Metrics
50+
Business Transaction Timers
Screenshots on Errors
Competitive Benchmarking
Waterfall Charts
Custom User Timing Metrics
Video Playback & Filmstrips
BROWSER & API TESTS
Transactional Flows
Request and Response Headers
VISUALIZATION
Availability / SLA Metrics
Pre-built Dashboards for Popular Performance Metrics
Scheduled Custom Reports
Public Status Pages
ALERT & TROUBLESHOOTING
Text and Phone Notifications
Webhook & Data Integrations
Customizable Alert Payloads
Share Links
USER & ACCOUNT MANAGEMENT
Number of Users
Unlimited
Programmable APIs
Multi-Org Support
Permissions and Team Management
Live Support
Email & Chat
Enterprise
Browser Tests
$20 $20
1,000 Runs Monthly
Billed Annually
API Tests
$6 $6
10,000 Runs Monthly
Billed Annually
Uptime Tests
$2 $2
10,000 Runs Monthly
Billed Annually
Contact Us

Global Synthetic Testing Locations
49
Data Retention
180 days / 25 months
BROWSER TESTS
Splunk Web Optimization Access
Browser Performance Metrics
50+
Business Transaction Timers
Screenshots on Errors
Competitive Benchmarking
Waterfall Charts
Custom User Timing Metrics
Video Playback & Filmstrips
BROWSER & API TESTS
Transactional Flows
Request and Response Headers
VISUALIZATION
Availability / SLA Metrics
Pre-built Dashboards for Popular Performance Metrics
Scheduled Custom Reports
Public Status Pages
ALERT & TROUBLESHOOTING
Text and Phone Notifications
Webhook & Data Integrations
Customizable Alert Payloads
Share Links
USER & ACCOUNT MANAGEMENT
Number of Users
Unlimited
Programmable APIs
Multi-Org Support
Permissions and Team Management
Live Support
Email & Chat

How much can you save with Splunk?

 

Splunk On-Call Pricing

Most Popular
Starter
$10
$5
Per user/month
Get Started
Growth
$35
$23
Per user/month
Get Started
Enterprise
$45
$25
Per user/month
Get Started
Feature
Starter
Get Started
Growth
Get Started
Enterprise
Get Started
What You Get
Starter functionality priced for small (but mighty) teams. Welcome to awesome alerting and then some. The Growth plan is built for DevOps teams looking to streamline incident response. Looking for more than alerting? With Enterprise, cross-functional teams access reporting, alert routing and more to own on-call.
Collaborative Incident Response
Users
Up to 10 Unlimited Unlimited
100+ Out-of-the-Box Integrations
ITSM Integrations (ServiceNow, JIRA)
Advanced Splunk Integrations
Unlimited Custom Integrations via REST API
Reroute, Ack, Snooze and Resolve in Slack
Route Alerts to Private Slack Channels
ChatOps Collaboration
In-App Collaboration (Mobile/Web)
Reliable Notifications and Escalations
Unlimited API Access and Methods
Unlimited Domestic SMS Notifications
Unlimited International SMS Notifications
Unlimited Email and Push Notifications
Machine Learning
New Similar Incidents
New Suggested Responders
iOS and Android Mobile App
Create Incidents
Acknowledge / Resolve Incidents
Reroute an Incident
Snooze Incidents until a Specified Time
Enriched Notifications with Runbooks and Annotations
Access to Full Incident Timeline
On-Call Schedule Details
Ad Hoc Shift Overrides
Starter
$10
$5
Per user/month
Get Started

What You Get

Starter functionality priced for small (but mighty) teams.

Collaborative Incident Response
Users
Up to 10
100+ Out-of-the-Box Integrations
ITSM Integrations (ServiceNow, JIRA)
Advanced Splunk Integrations
Unlimited Custom Integrations via REST API
Reroute, Ack, Snooze and Resolve in Slack
Route Alerts to Private Slack Channels
ChatOps Collaboration
In-App Collaboration (Mobile/Web)
Reliable Notifications and Escalations
Unlimited API Access and Methods
Unlimited Domestic SMS Notifications
Unlimited International SMS Notifications
Unlimited Email and Push Notifications
Machine Learning
New Similar Incidents
New Suggested Responders
iOS and Android Mobile App
Create Incidents
Acknowledge / Resolve Incidents
Reroute an Incident
Snooze Incidents until a Specified Time
Enriched Notifications with Runbooks and Annotations
Access to Full Incident Timeline
On-Call Schedule Details
Ad Hoc Shift Overrides
Growth
$35
$23
Per user/month
Get Started

What You Get

Welcome to awesome alerting and then some. The Growth plan is built for DevOps teams looking to streamline incident response.

Collaborative Incident Response
Users
Unlimited
100+ Out-of-the-Box Integrations
ITSM Integrations (ServiceNow, JIRA)
Advanced Splunk Integrations
Unlimited Custom Integrations via REST API
Reroute, Ack, Snooze and Resolve in Slack
Route Alerts to Private Slack Channels
ChatOps Collaboration
In-App Collaboration (Mobile/Web)
Reliable Notifications and Escalations
Unlimited API Access and Methods
Unlimited Domestic SMS Notifications
Unlimited International SMS Notifications
Unlimited Email and Push Notifications
Machine Learning
New Similar Incidents
New Suggested Responders
iOS and Android Mobile App
Create Incidents
Acknowledge / Resolve Incidents
Reroute an Incident
Snooze Incidents until a Specified Time
Enriched Notifications with Runbooks and Annotations
Access to Full Incident Timeline
On-Call Schedule Details
Ad Hoc Shift Overrides
Enterprise
$45
$25
Per user/month
Get Started

What You Get

Looking for more than alerting? With Enterprise, cross-functional teams access reporting, alert routing and more to own on-call.

Collaborative Incident Response
Users
Unlimited
100+ Out-of-the-Box Integrations
ITSM Integrations (ServiceNow, JIRA)
Advanced Splunk Integrations
Unlimited Custom Integrations via REST API
Reroute, Ack, Snooze and Resolve in Slack
Route Alerts to Private Slack Channels
ChatOps Collaboration
In-App Collaboration (Mobile/Web)
Reliable Notifications and Escalations
Unlimited API Access and Methods
Unlimited Domestic SMS Notifications
Unlimited International SMS Notifications
Unlimited Email and Push Notifications
Machine Learning
New Similar Incidents
New Suggested Responders
iOS and Android Mobile App
Create Incidents
Acknowledge / Resolve Incidents
Reroute an Incident
Snooze Incidents until a Specified Time
Enriched Notifications with Runbooks and Annotations
Access to Full Incident Timeline
On-Call Schedule Details
Ad Hoc Shift Overrides

We offer significant volume discounts

 

Analytics-Driven Observability

Splunk Observability Cloud*

Are Observability Cloud offerings available on-prem?

No, Observability Cloud offerings are cloud only. However, we can monitor both on-prem and cloud environments. See https://www.splunk.com/en_us/app-integrations.html for a more comprehensive list of integrations.

 

Can I purchase additional products with Observability Cloud editions? 

Yes, Splunk On-Call, Splunk Synthetic Monitoring and Splunk Enterprise Cloud are available and recommended as add-ons for Observability Cloud Standard and Plus. Of course, you can also purchase any other Splunk product standalone.

 

Are the Observability Cloud editions available in my region?

Currently Observability Cloud editions are only available for purchase in the Americas, but you can purchase Observability Cloud standalone globally. 

 

What is the difference between Observability Cloud Standard and Plus?

Currently Observability Cloud Plus includes everything in Observability Cloud Standard plus Splunk Real User Monitoring (RUM) for digital experience monitoring capabilities, extending back-end visibility to the front-end. 

 

How do you measure the number of hosts? 

A host is a physical (in non-virtualized environments) or virtual instance (in virtualized or public cloud environments) reporting metric data to Splunk Observability Cloud. 

We count the total number of unique hosts reporting data to Splunk Infrastructure Monitoring on an hourly basis, then calculate the average of those hourly measurements across each billing month. We bill you using that average calculation. 

We count the total number of unique hosts reporting to Splunk APM per minute, then calculate the average of these per minute measurements across each billing month, as well as 50% of the peak of all the per minute measurements of the billing month. The higher value of the two will determine the use for that month.

 

What is a Standard Metric and what is a Custom Metric? 

A metric is defined as the unique combination of a metric name and its dimension values. For example, a metric name of api.call.count that has a hostname dimension with 100 values would generate 100 unique metrics.

Standard metrics are the system and service metrics sent by default by Smart Agent in addition to those reported by supported public cloud providers (Amazon Web Services, Microsoft Azure, Google Cloud Platform) for hosts and containers. Standard metrics are included as part of a host or container subscription.

Metrics reported to Splunk Infrastructure Monitoring and Splunk APM outside of standard metrics are considered custom metrics. Custom metrics are typically used for application monitoring, such as counting the number of API calls or measuring the duration of API requests.

 

What are high-resolution metrics and when should I use them? 

High-resolution metrics are processed by Splunk Infrastructure Monitoring and Splunk APM at their native resolution or at 1-second resolution (whichever is coarser). In contrast, metrics that are not designated as high resolution are processed by Splunk Infrastructure Monitoring and Splunk APM at the coarser of their native resolution or 10-second resolution. High-resolution metrics enable exceptionally fine-grained and low-latency visibility and alerting for your infrastructure, applications and business performance.

 

When should I consider usage-based pricing? 

Usage-based pricing is well suited for monitoring serverless environments or cloud services that don’t provide a view of underlying hosts. It is also ideal for customers who want granular control of their monitoring service spend.

 

How many containers can I monitor with a host-based subscription plan?

Our Standard Edition comes with an allocation of 10 containers per host, while the Enterprise Edition provides 20 containers per host. This allocation is pooled, rather than tied to each of your specific hosts. For example, if you purchase an Enterprise subscription for monitoring 10 hosts, you can monitor 200 containers (10 hosts x 20 containers) spread across all 10 of those hosts. If you need additional container capacity, you can either purchase container capacity a la carte per container/month, or purchase more host-based licenses.

 

How do you provide security for my data? 

Splunk Infrastructure Monitoring and Splunk APM were designed from the ground up with security as a key tenet, using best-in-class technologies, infrastructure, and development practices to safeguard customer data while delivering low latency, and real-time performance.Splunk Infrastructure Monitoring and Splunk APM ensure data security by using TLS 1.2 for data in motion and encrypting customers’ secrets data in rest using AES 256 bit encryption. Splunk Infrastructure Monitoring and Splunk APM currently hold the SOC 2 Type 2 attestation covering the trust criteria for security, availability, and confidentiality. For details on how Splunk Infrastructure Monitoring and Splunk APM are keeping your data secure, please refer to our security whitepaper. 

 

How do you handle overages? 

Splunk Infrastructure Monitoring and Splunk APM provide complete transparency, flexibility, and control to meet your usage needs. Monthly charges are based on average usage during the month, so overages are incurred only if the average monthly usage is above your allocation.You get transparent and daily detailed reports on all monitored hosts, containers, and metrics. You can enable proactive alerts as you approach your purchased capacity, and you can control how to right-size your deployments by purchasing additional capacity or dialing back usage. You can also manage and monitor Splunk Infrastructure Monitoring and Splunk APM usage across your organization. By allocating tokens to your internal teams, you can manage usage at the individual team level. 

 

Do you provide volume discounts? 

Volume discounts are available for each of our plans. Contact us for details.

 

What is infinite logging? And how does this relate to ingested and indexed data?

Infinite logging enables you to bring in all your observability logs to Splunk Log Observer. With Infinite logging, you can dial in logs you want to shape with context and be readily searchable, and logs you want to see once in a live tail view, then direct for compressed storage in storage you own (for example, Amazon S3). 

 

So, do I buy hosts, or do I buy usage?

Splunk Log Observer is designed to provide pricing that is easy, but also, can be tailored to “o11y” your needs. For many customers, all you need to do is count the number of hosts you’re logging from. Each host provides a generous amount of built-in indexing and ingestion. If you have a lot of logs per host - perhaps a lot of debug logs, you can add indexing and/or ingest capacity. 

 

What happens if there is an overage - I sent more logs than I purchased?

First, don’t worry! Unless we see an extraordinary volume, we won’t stop logging or billing you more. We’ll reach out, let you know what we’re seeing, and see what the right path is. Perhaps there were logs you weren’t anticipating, and our pipeline management can filter that out. Or, you really have a lot going on and you need to log it - we’ll figure it out together. 

 

I’m already a Splunk Cloud customer, can I apply some of my capacity to pay for this amazing product? 

Let’s talk! Just reach out to your account manager and we’ll figure out the best path for you.

 

Is Splunk Log Observer a standalone product that I can purchase on its own?

No, not at this time. Splunk Log Observer offers some new experiences in exploring logs, devops-oriented log consumption and live tail capabilities that your developers and SREs will love. But, those capabilities shine most when you can move from an exemplar trace to a log in one click, or see in a single click whether your infrastructure is contributing to performance issues that are written out in logs.

Read Only Users

Splunk On-Call now offers licenses for “Read Only Users.” These discounted user seats allow a team to notify Read Only Users about select incidents via email or SMS. Read Only Users will be able to log into Splunk On-Call to see these notifications and incident update history. Mobile notifications are not available for Read Only Users.

 

Additional Users

Organization admins can add full access users through the administrative portal, and either Splunk will immediately charge the customer’s credit card for the prorated amount for the current term, or if the customer does not have a credit card on file, then Splunk will invoice the customer for the additional permitted users in accordance with the Terms. For adding Read Only Users, please reach out to your account manager or support.

*At present, only available in the US. Contact our sales team for more details.