Skip to main content
Splunk Lantern

Proactive response


Engineering teams need observability tools that provide a single source of truth, enable them to share best practices across the org, and help them collaborate to minimize MTTR. They need to be able to confidently identify which sources of latency, errors, or anomalies impact services, workflows, and customers the most. At the same time, platform engineers need to monitor and maintain access and cost control of these observability tools so that everyone operates within budget. They also want to be able to monitor their entire hybrid-cloud landscape with a single platform.

With Splunk APM and Splunk Infrastructure Monitoring, engineering teams can use their existing logs alongside metrics and traces to get a single view of their entire hybrid cloud environment, connect infrastructure and application telemetry data to business metrics in order to prioritize issues, and cut through the complexity of large-scale cloud-native environments to isolate root-cause. In addition, built-in usage and access controls help enterprises meet their budget and data security requirements.

When unusual changes or anomalies in applications or infrastructure have been identified, Splunk On-Call is used to route incidents to the appropriate developers and site reliability engineers (SREs) - sending incidents to the right people at the right time.

Use Case Explorer for Observability
foundation_grey.png prioritize_grey.png proactive_black.png optimize_grey.png


Application performance monitoring

Splunk APM is the most advanced application performance monitoring and troubleshooting solution for cloud-native, microservices-based applications. With open and flexible instrumentation, NoSample™ full-fidelity tracing, collecting 100 percent of traces, a highly scalable streaming architecture, and powerful AI-driven directed troubleshooting, engineering teams can quickly and easily find the root cause of any issue. Splunk APM empowers your teams to:

  • Improve the user experience. By ingesting all traces, Splunk APM ensures that no anomaly goes undetected, so issues are alerted on before they affect customers.
  •  Accelerate developer productivity. AI-driven directed troubleshooting can quickly isolate traces and surface patterns that help SREs and developers pinpoint problems that impact the user experience and overall application performance. 
  • Future-proof applications. With open standards such as OpenTelemetry, Splunk Microservices APM helps you free your code from the constraints of any single vendor, enabling you to use the languages and frameworks that work best for you.

Infrastructure monitoring

Splunk Infrastructure Monitoring provides SREs and developers quick time to value with extensive, out-of-the-box integrations for automatic service discovery and pre-built dashboards so they can start monitoring in minutes for standard and custom metrics. It makes use of a real-time streaming architecture that massively scales with high resolution, full-fidelity data capabilities that powers instant, AI-driven analytics to reduce noise and fatigue. With customizable notifications and integrated workflows, Splunk Infrastructure Monitoring offers a comprehensive view of the entire technology stack at a glance, to intelligently pivot users to active alerts and drill down on instances with no dead end investigations. With quick time to resolution in isolating problems above the noise, we ensure service reliability of workloads in the cloud and optimize on business performance.

Automated incident response

Splunk On-Call helps you to identify the person with the right experience and expertise to work on any incident, and streamline on-call schedules and escalations. Use historical insights and audit trails for better active incident resolution, adding context to incidents and using resources like runbooks, articles and dashboards to help responders triage and resolve incidents faster.

Machine learning in Splunk ITSI

The machine learning capabilities of Splunk ITSI can help your teams go from reactive to proactive by correlating the volume of alerts coming in at different times. When you look at key performance indicators (KPIs) like error count or memory utilization, you know that those are supposed to be in a certain threshold consistently.

But what about a business KPI like revenue that changes based on the time of the day or the day of the week? This is where Splunk ITSI adaptive thresholding comes in. Splunk ITSI can assess a revenue KPI and determine by one hour blocks, for example, what is normal and what is an acceptable standard deviation. You can then configure an adaptive threshold so you only receive alerts when the KPI reports values outside of the deviation, specific to the day and hour.

You can also apply predictive analytics to service health scores and set up alerts for when services with dependencies might cause a problem downstream. That way, your team can react before an error becomes a major problem.

To learn more about these machine learning capabilities in Splunk ITSI, watch the following demo.

Explore proactive response


Splunk Training & Certification has a number of excellent courses for Splunk On-Call if you are looking for a more sequenced learning opportunity. Click here to learn more.