AMER Community Office Hours: Splunk 10.0 Upgrade - Thur 12/11/25

Community Office Hours
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

AMER Community Office Hours: Splunk 10.0 Upgrade - Thur 12/11/25

AMER Community Office Hours: Splunk 10.0 Upgrade - Thur 12/11/25

1 Comment
Cover Images - Office Hours (23).png
Published on ‎10-28-2025 05:13 PM by Splunk Employee | Updated on ‎12-12-2025 10:52 AM

[Register hereThis thread for the Community Office Hours session on Splunk 10.0 Is Here: Your Guide to a Smooth Upgrade Journey_AMER on Thur, Dec 11, 2025 at 1pm PT / 4pm ET.

Ask the experts at Community Office Hours! An ongoing series where technical Splunk experts answer questions and provide how-to guidance on various Splunk product and use case topics.

What can I ask in this AMA?

  • What is included in Splunk 10?
  • What are the key innovations in Splunk 10 that customers should know about?
  • What is the benefit of upgrading to Splunk 10?
  • How can I upgrade to Splunk 10 and what is inclusive of upgrade readiness?
  • How can I use the Splunk Health Assistant Add-on? (address EOL Upgrade Readiness App)
  • SCP vs Splunk Enterprise Upgrade Readiness
  • What are the breaking changes customers need to be aware of and action on?
  • Anything else you'd like to learn!

 

Please submit your questions at registration.
You can also head to the #office-hours Community Slack channel to ask questions (sign-in with SSO here).

Pre-submitted questions will be prioritized.
After that, we will open the floor up to live Q&A with meeting participants.

We look forward to connecting with you!


0 Karma
vvalverde
Splunk Employee
Splunk Employee
yesterday
yesterday

Hi everyone! Here are a few questions from the session (get the full Q&A deck in the #office-hours Slack channel):

Q1: What are the new features and tools in dashboard studio with v10.0?

Splunk Enterprise 10 Features

  • Publication of dashboards
    • This was the top requested feature for Dashboard Studios in Splunk Ideas!
    • Splunk users can now share impactful, visually engaging dashboards with peers, analysts, and executives—delivering insightful data to drive informed decision-making, all without compromising security.
  • Easily add Splunk Observability Metrics and Service Maps in Dashboard Studio.

Splunk Cloud 10 Features

  • Users can now directly navigate to the Observability Cloud detector page from their metric based chart in Splunk Dashboard Studio.
  • Improved experience when working with Tabs in Dashboard Studio.
    • Save visualizations/reports directly to a specific tab in their dashboard from the search and reports page.
    • Drilldowns and Dashboard links can now target a specific tab.

Q2: What are the KV store upgrades needed for V10?

  • Starting with Splunk Enterprise 9.4, the upgrade process will attempt to sequentially bring MongoDB up to 7.
  • Splunk Enterprise customers must be at least on MongoDB 4.2 before upgrading to Splunk 10.
  • The upgrade process will automatically attempt to upgrade KVStore and should not require manual intervention. 
  • For Splunk Cloud customers, Splunk will handle the upgrade.

Q3: What are the key security considerations when developing and deploying Splunk apps?

  • Splunk apps should be treated like any other kind of software development regardless of the perceived complexity of your app.
  • Ensure that apps follow the principle of least access (i.e. your app and its features should request/require the lowest possible specific level of access). 
  • Avoid heavy reliance on persistent disk storage (i.e. use KV Service instead of writing data to disk).
  • Splunk provides multiple tools for best practice scanning and guidelines for Splunk Cloud app development that are generally applicable.

Other Questions (check the #office-hours Slack channel for responses)

  • When will ingest monitoring be available to Enterprise customers?
  • How does Splunk version 10.0 work with ES?
  • What are some new features for Indexers and Search Heads?
  • Please elaborate on “Sidecars”

  • How much Splunk supports Gen AI?

  • Integration with teams or slack for alert notification posting.

0 Karma