Using the Performance Insights for Splunk app

This guide explains how to use the app Performance Insights for Splunk (PerfInsights) to diagnose and identify potential performance issues in Splunk platform deployments and premium applications. By diagnosing performance issues in your own environment you can reduce time to resolution, improve user satisfaction, lower reliance on Splunk Support, and address potential problems before they become critical.

PerfInsights can be installed on both Splunk Cloud Platform and Splunk Enterprise deployments. It uses internal indexes to gather and calculate key metrics, providing a good overview of system stability and performance. It does not collect new data; instead, it uses data already gathered by the Splunk platform. This ensures there is no performance overhead when installing the tool in your environment.

PerfInsights uses additional resources during active investigations because its dashboards generate extra searches. Resource usage varies with the investigation's length and the time span of indexed data. To minimize this overhead, the dashboards are designed for efficiency, utilizing indexed field equality operators and search result reuse.

PerfInsights is not an active health monitoring app. It will not generate notifications or make assumptions about your deployment's health. The metrics it provides are open to interpretation because a potential problem in one environment could be perfectly normal in another.