Implementing observability use cases in the Splunk platform
Implementation guide
To start getting data into your Splunk deployment, configure an input. There are several ways to do this. For the most straightforward option, use Splunk Web or Splunk Edge Processor. With a Splunk platform deployment, you might need to configure a universal forwarder to send the data to your Splunk Cloud Platform instance. Alternatively, you can download and enable apps and add-ons, such as the Splunk Add-on for Unix and Linux. See Use apps and add-ons to get data in for more information.
After you configure the inputs or enable an app, your Splunk deployment stores and processes the specified data. You can go to either the Search & Reporting app or the main app page and begin exploring the data that you collected. Apps like Splunk IT Service Intelligence provide enhanced data exploration, monitoring, and alerting features.
For more information see Getting Data In.
Success measurement
When implementing the guidance in this adoption guide, you should see improvements in the following:
- Helps ITOps teams prioritize actionable events so they can quickly find root cause and resolve critical incidents, resulting in quicker mean time to detect/repair (MTTD/MTTR)
- Improved event management
- Greater customer satisfaction
- Improved IT Operations posture