Skip to main content


Splunk Lantern

Remediation overview


After the root cause of an incident is determined, the incident might need to be rerouted to the appropriate support team to remediate and bring the service back to normal. 

The guides in the next section use a fictitious company CS Corp and its Online Boutique application for context and discussion purposes. To ensure Online Boutique’s application availability, the importance of efficient incident response cannot be overstated. By using Splunk On-Call to send alerts, CS Corp will be able to stop manually updating spreadsheets, call trees, and email incident management. This tool empowers fast and efficient incident resolution. The guides will provide a detailed look at the basic configuration and processes necessary to improve CS Corp’s business outcomes. The pink box in the solution flow diagram below highlights the area we will focus on.


Remediation prescriptive outcome guide

This use case covers both the Incident Investigation and the Remediation focal areas of the AIOps lifecycle. 

Other use cases to consider

Use cases are specific to each organization, so also consider these thought starters as a way to help with your ideation of new use cases. 

  • Automated software restart. Software such as Windows services, Linux processes and executables are commonly stopped and restarted in order to resolve an incident.  These types of remediation actions can be automated using various Splunk Observability solutions. Although it is often a good idea to research these types of recurring incidents and eliminate the root-cause so automation isn't necessary, there are situations where doing so either will take too long or too many resources. In those situations, automated remediation is a good continuity solution.

What to do if you get stuck

Still having trouble? Splunk has many resources available to help get you back on track.

Next steps 

Now you're doing more with your data, get even more value through implementing additional use cases.