
Log Observer Connect Now GA!

nicograham
Splunk Employee

Hello Admins, Ops leaders, SREs, Developers, and then some! This just in...Splunk Log Observer Connect for Splunk Enterprise, previewed at .conf21, is now generally available!

Log Observer Connect is a new feature that lets observability users (i.e., SREs, developers, CloudOps folks) explore the data already being sent to existing Splunk instances with Splunk Log Observer’s intuitive no-code interface, part of Observability Cloud, for faster troubleshooting and root-cause analysis (which ultimately leads to amazing customer experiences!).

Why is this feature important?

You do a lot with log analytics. You leverage logs for compliance, to respond to security incidents, to investigate issues, to understand the behaviors of users, to put out fires, start fires, build cabins, and more. Logs and centralized log monitoring are critical components of an effective observability strategy but, for new cloud-native environments and microservices-based applications, logs alone are not enough for the real-time monitoring and troubleshooting required to maintain SLAs and deliver great user experiences from modern web/mobile apps. For complete visibility into customer experience and system health, teams need to leverage metric and trace data in context with log data to troubleshoot issues quickly, which is increasingly important as the cost of downtime and latency goes up. 

All of Your Data in Splunk?!  Yes! Here are the deetz: 

Splunk Observability gives SRE and DevOps teams the ability to analyze metrics, trace, event, and log data, all in context. Analyzing all telemetry data in one tool is important because, for most of our Observability users, when there is an issue with an application, they first go to the dashboard for that application to see the infrastructure metrics, application metrics, and related logs for fast insights. Users need to see the logs that correspond to a metric or trace (or chart or service map) directly within the same experience, without needing to be experts in a query language. This is where Log Observer Connect comes in, providing a log investigation experience integrated in Splunk Observability Cloud.


Log Observer Connect allows Splunk users to keep their observability data centralized in Splunk Enterprise, alongside their security, analytics, compliance, and other log data, and to work with it in Splunk Observability Cloud so SREs and developers can troubleshoot mission-critical applications quickly. If you are an existing Splunk Enterprise customer who has Splunk Infrastructure Monitoring, Splunk APM, or Splunk Observability Cloud licenses, you can start using Log Observer Connect right away at no extra cost. With this integration, it’s easier than ever to consolidate tools and have centralized log management for improved observability and operations. And for more advanced investigations, post-incident reviews, and security, teams can leverage the power of Splunk Enterprise. It’s the best of both worlds.


With Log Observer Connect You Can: 

  • Centralize your data and data management - Different teams in your organization may be leveraging Splunk for different use cases or other tools. Simplify management and build an operational center of excellence with all of your data centralized on Splunk.
  • Explore Splunk Enterprise data, correlated with metrics and traces through the Log Observer interface to reduce MTTR and get more out of your existing investment.
  • Get started quickly with minimal configuration changes, leveraging existing Splunk Universal Forwarder and technical add-ons (TAs) in addition to OpenTelemetry.
  • Improve customer experiences - Access the no-code Log Observer experience and related content links for faster troubleshooting and root-cause analysis.

With Splunk’s best-in-class observability capabilities integrated with Splunk Enterprise, teams across your organization can harness the power of a unified observability solution that will scale with you to monitor mission-critical applications and quickly understand and optimize the customer experience. 

Start Exploring Splunk Enterprise Data in Log Observer: 

Consolidate your tools on Splunk. Get the most out of your existing Splunk data by connecting it to your observability workflow via Log Observer Connect.

To set up Log Observer Connect, follow these steps:

  • In Observability Cloud, go to Organization Settings > Log Observer Connect to set up a connection with Splunk Enterprise.
  • In Splunk Enterprise, follow the instructions in the integration wizard to do the following:
    • Create a new Splunk Enterprise role.
    • Select the Splunk Enterprise indexes that you want to search in Log Observer Connect.
    • Create a new Splunk Enterprise user.
    • Secure your connection by adding certificates.

You can find more detailed instructions in our Log Observer documentation.

If you haven’t explored Splunk’s Observability portfolio yet, you can dive right in here or start a free trial to see how you can expand your use cases, and make your operations better - and life easier! Thanks for reading about the awesome new Log Observer Connect integration! Make sure to connect with us on what you’re most excited about! Make a comment below, if you'd like to share your feedback with us 😁.

O11y pun time. O11y = Observability:

Splunk has O11y you want and more! And, as Janet Jackson would say… it’s O11y for you.

Check out the Log Observer Connect Tech Talk for more guidance on how to get started!

— Nico Graham, PMM, Observability at Splunk

 

dhamo1986
Loves-to-Learn Lots

Hi nicograham,

Thanks for the information.

How to do Integration of Cloud Foundry Platform to Splunk Observability Cloud?

We are using SAP Business Technology Platform (Cloud Foundry) as PaaS and our Java and Node.js applications are deployed on Cloud Foundry Platform.
We want to drain application logs to Splunk Observability Cloud. Please provide implementation steps.
Currently we are using Kibana service for log monitoring on SAP Business Technology Platform(Cloud Foundry).

Now we want to drain syslog and application log to Splunk Observability Cloud from SAP Business Technology Platform(Cloud Foundry).
We need all necessary steps to set-up integration from SAP Business Technology Platform(Cloud Foundry) to Splunk Observability Cloud.

We want to use Infrastructure Monitoring, Application Performance Monitoring, Application Log monitoring (Splunk Log Observer), Splunk Synthetic Monitoring and Splunk Real User Monitoring features of Splunk Observability Cloud.

We like features of Splunk Observability Cloud but we don't know about integration set-up of Splunk Observability Cloud with Cloud Foundry Platform application.
We are new to Splunk and want to do simple PoC on it with integration set-up.

We need your help here so that we can take decision to use Splunk Observability Cloud in our all products for monitoring.

If Splunk Observability Cloud integration with Cloud Foundry Platform is not possible then give us alternate ways to do PoC.

nicograham
Splunk Employee

Hey @dhamo1986 !

Nice to meet you and thanks for reaching out. CloudFoundry is a supported integration of Splunk Observability Cloud. You can see more information here: https://docs.splunk.com/Observability/gdi/cloudfoundry-firehose-nozzle/cloudfoundry-firehose-nozzle.... 

Can you share your contact information and I can put you in touch with someone to help get you started or potentially set up a POC? In the meantime check out our free trial https://www.splunk.com/en_us/observability/o11y-cloud-free-trial.html

 

Let me know if this is helpful (: 

dhamo1986
Loves-to-Learn Lots

Hi nicograham,

Thanks for your immediate reply with information.

My email id is : dharmendra.dobariya06@gmail.com

Even I need information regarding data retention/archival policy of Splunk Observability Cloud.

nicograham
Splunk Employee

@dhamo1986 thank you for sharing. Let me track down the best person to help you and get back to you by next week!

dhamo1986
Loves-to-Learn Lots

Dear nicograham,

Thanks for the reply.

We are using SAP Business Technology Platform (Cloud Foundry) as PaaS and our Java and Node.js applications are deployed on Cloud Foundry Platform.
Currently we are using Kibana service for log monitoring on SAP Business Technology Platform (Cloud Foundry).

We want to use Infrastructure Monitoring, Application Performance Monitoring, Application Log monitoring (Splunk Log Observer), Splunk Synthetic Monitoring and Splunk Real User Monitoring features of Splunk Observability Cloud.

We have done integration of Dynatrace with SAP Business Technology Platform (Cloud Foundry) for our applications and it is working fine in PoC.

We like features of Splunk Observability Cloud but we don't know about integration set-up of Splunk Observability Cloud with Cloud Foundry Platform application.

Our applications are deployed on SAP Business Technology Platform (Cloud Foundry) so we need support from Splunk SME in terms of Integration feasibility.

If we are able to do integration with Splunk Observability Cloud then we will use paid services of Splunk for our all products.

We really need good support from Splunk team in terms of integration so that we can take decision to go with Splunk otherwise we can go with Dynatrace.

nicograham
Splunk Employee

@dhamo1986 thank you for sending this detail over! This is great information.

Can you confirm what company this is for so I can get a team to help you out? Is this DOBARIYA Group?

We have great integrations with SAP Business Technology Platform (Cloud Foundry), and I am tracking down the best specialist to help set up a call and answer any questions you have.

dhamo1986
Loves-to-Learn Lots

@nicograham ,

Thanks for your reply.

I sent a private message to you for further information.

dhamo1986
Loves-to-Learn Lots

Dear nicograham,

We really need support from Splunk to do PoC.

Can you please provide help for the same?
