Skip to main content

Splunk unveils new observability functions at annual conference

Join us in Atlanta on April 10th and explore the landscape of security workforce. We will explore the vision, benefits, and use cases of AI for security teams. Request an invite here.


This week at its annual user conference, .conf21, Splunk rolled out a variety of new features, extensions, and observability functions to its popular collection of tools for tracking software performance. The new features gather more data from a wider range of machines in the cloud, on-premises, or at the edge while also opening up the opportunity for analysis to more company partners in what it calls the Partnerverse.

Observability at its core is a data opportunity, and to use that data effectively organizations need a solution that can help ingest and analyze high-velocity data across increasingly dynamic environments and architectures,” Spiros Xanthos, Splunk VP of product management, observability, and IT operations, said in a media advisory.

Monitoring is a technical solution that allows teams to watch and understand the state of their systems and is based on gathering predefined sets of metrics or logs. Observability functions are tooling or technical solutions that allow teams to actively use monitoring to debug their system.

The new platform known as DataManager gathers performance data directly from cloud instances. The company said it is now in preview with access to data from AWS and Microsoft 365 cloud, but Splunk promises that Azure and Google Cloud Platform will follow.

VB Event

The AI Impact Tour – Atlanta

Continuing our tour, we’re headed to Atlanta for the AI Impact Tour stop on April 10th. This exclusive, invite-only event, in partnership with Microsoft, will feature discussions on how generative AI is transforming the security workforce. Space is limited, so request an invite today.
Request an invite

The tool gathers the data, begins to sort it with a code layer called InjestActions, and then stores it for future analysis in a variety of locations, including back in the cloud itself in buckets, such as  AWS’s S3 storage. The new FlexIndex tool will track the data and also apply rules for storage triage in order to eliminate low-value information and reduce long-term storage costs.

Additional functionalities will help data stream management

Splunk is also highlighting better presentation and dashboarding functionalities to help developers and DevOps team cope with the relentless data stream. The Federated Search and Analytics layer can plow through data from a variety of sources in one unified interface. The information is linked to the Splunk Dashboard Studio, a tool that can now work directly with mobile devices for better access with smaller screens.

Roberto Besick, a Splunk developer at Sapura Navegação Marítima S.A. (Sapura Energy) in Brazil, said that his company has been testing the new features. “The native customization capabilities free up both new users and experienced creators from custom coding to focus on what matters: data analysis,” Besick said.

Splunk said that projects like this also will be helped by third-party developers and consultants who become members of its Partnerverse. The service is designed to help customers and consultants find each other by offering earned-credit badges in areas such as Cloud Migration Services, Zero Trust Services, Observability, Security, Managed Service, System Integration, and Authorized Learning.

The new program will be widely available in early 2022, the company said.

More information on the depth and breadth of the new platform can be found in the sessions of the virtual user conference, which runs from October 19 – 21.

VB Daily - get the latest in your inbox

Thanks for subscribing. Check out more VB newsletters here.

An error occured.