1. What is the goal of those questions? You haven't just woken up one day and decided that you want to know "everything about Splunk" without actually learning Splunk.

2. Have you actually tried searching any of those things on your own? Where? What are your results? Do you have any doubts or don't understand something you'd already found?

Also - I'm merging your two separate threads about the same subject.

Thank you for the question.

Below is the consolidated list of User Experience Monitoring (UXM) requirements that drive our evaluation, questions, and deliverables. These requirements are derived from mission needs and are intended to support requirements-based validation, not general product familiarization.

The UXM solution must be capable of:

• Measuring user experience “at the glass” with quantitative, actionable metrics

• Detecting and diagnosing UX and performance degradations in near real time

• Correlating IT operator changes to service improvements or degradations regardless of change source

• Monitoring endpoint, network, application, and cloud service performance across the AFIN

• Supporting time-series analysis, anomaly detection, alerting, and capacity planning

• Providing centralized, standardized, and interoperable UX metrics

• Supporting decision-making, SLA validation, and vendor accountability

• Monitoring either 100% of the environment or statistically significant samples

• Utilizing built-in vendor metrics while maintaining transparency in metric definitions

• Supporting ETL, data ingestion, analytics, and data lake scalability

• Enabling wide data sharing without additional licensing or access costs

• Enforcing privacy protections (no user profiling)

• Supporting configurable data retention (short-term detail and long-term trends)

• Providing collector-level APIs for near–real-time access

• Meeting DoD security, RMF, logging, authentication, least-privilege, and compliance requirements

• Supporting patching, vulnerability management, intrusion detection, and auditability

These requirements are formally captured and traceable through UXM deliverables such as the RTVM, Tool Set Evaluation Report, MVP Architecture, RMF Package, and Operations & Maintenance artifacts.

Accordingly, all clarification questions are intended to determine capability alignment, architectural fit, security posture, scalability, and operational suitability of proposed solutions against these defined requirements.

Please let us know if additional clarification is needed on any specific requirement area.

Respectfully,
Abrahameen

You're mixing requirements for different products and services (Splunk Enterprise/Cloud, o11y, RUM, ITSI, you name it...). This is not a topic for community. This is something you need to engage your local Splunk Partner for.

Thank you for the feedback on our UXM requirements. To dive deeper into topics like architecture, scale, and enterprise deployment, could you please point me to the appropriate account team or solutions architect we should engage with?We want to ensure our discussions are with the right experts who can provide guidance on supported designs and operational considerations.

This is a really solid set of requirements, and honestly, you’re asking the right questions. You’re well past “does the product have feature X” and deep into “does this actually work at scale, under real constraints, without breaking policy or budgets.”

At a high level, yes, the kind of UXM you’re describing is achievable. But a lot of what you’re asking about lives in the gray space between product capability, architecture, deployment patterns, and licensing. Things like true “at the glass” experience, meaningful change correlation across domains, privacy-safe data collection, and enterprise-wide data sharing aren’t things the community can answer with a simple yes or no.

That’s also where you’re probably starting to hit the ceiling of community help. These are the kinds of questions that really need to be walked through with your Splunk account team and solutions architects who can talk specifics around supported designs, scale limits, and how this plays out in real environments.

If you want to go deeper or compare notes (or flat out running into a wall with who to contact), feel free to message me directly. I’m working with a other similar groups in the tackling very similar UXM problems, and I’m always happy to nerd out on architectures, tradeoffs, and what actually works in practice.

Thank you for the feedback on our UXM requirements. To dive deeper into topics like architecture, scale, and enterprise deployment, could you please point me to the appropriate account team or solutions architect we should engage with? We want to ensure our discussions are with the right experts who can provide guidance on supported designs and operational considerations.

I'm not able to sent message to you directly "You have reached the limit for number of private messages that you can send for now. Please try again later." Yes, we’re focused on the federal side.

Hi @ARC1 

It seems like your questions would be better answered by Splunk's internal teams rather than the community due to the specific nature of the request. 

Do you already have a contact at Splunk that you can speak to? If not you might want to reach out via https://www.splunk.com/en_us/about-splunk/contact-us.html or speak to one of your local Splunk Partners (https://www.splunk.com/en_us/partners.html)

🌟 Did this answer help you? If so, please consider:

• Adding karma to show it was useful
• Marking it as the solution if it resolved your issue
• Commenting if you need any clarification

Your feedback encourages the volunteers in this community to continue contributing