Product News & Announcements
All the latest news and announcements about Splunk products. Subscribe and never miss an update!

Observability Highlights | Feb. 2022 Newsletter

Splunk Employee
Splunk Employee

Back to Feb. 2022 Newsletter

22-22471-Customer Success Monthly Account Newsletter-101-observ-01.jpg


February 2022 Highlights  



Enhanced Filters

Filter your RUM views faster than ever before. Look for screens and URLs that you care about by adding a '*' to match against a simple keyword that is included in your RUM metrics. RUM has added support for case insensitive matching as well as starts-with (keyword*), ends-with (*keyword), and contains (*keyword*) matching of your high cardinality RUM metrics metadata.


Infrastructure Monitoring

AutoDetect for simplified, out-of-the-box alerting

Expand your infrastructure monitoring capabilities for both on-premises and in the cloud with AutoDetect for simplified, out-of-the-box alerting - a new feature in Splunk Infrastructure Monitoring available today at no additional charge. AutoDetect helps you get started in minutes to detect problems with your critical infrastructure components and services for quick time-to-value.

Remove pain and complexity of having to manually setup your environment and automatically discover anomalies in your infrastructure within seconds. With intuitive alert integrations and workflows to Splunk Observability Cloud, enjoy an immediate, comprehensive understanding of your infrastructure state - all from a single, consolidated view for faster time to resolution.

Sign up for a free trial of Splunk Infrastructure Monitoring and get a real-time view of your infrastructure across your IT environment on-premises and in the cloud.



Optimize slow or frequently executed queries with Database Query Performance in Splunk APM!

Database Query Performance in APM helps you identify slow or frequently executed queries that affect service performance. You can also compare aggregate trends in query performance against historical time windows and correlate queries against application components, such as incoming service or endpoint.

Existing Splunk APM customers can start using this immediately for free. Database Query Performance currently supports major SQL-based database types, without requiring any additional instrumentation. Learn more here.

View available spans of a trace before trace completion with Ongoing Traces!

Have you ever had a trace ID in your Jenkins job notification, logs or developer console, but couldn’t find the trace in APM? Previously, Splunk APM would only allow access to a trace once the transaction was completed (all spans for the trace were received and assembled).

Ongoing traces enables you to search for and view a trace that’s still being assembled, using the Trace ID. You can view available spans and refresh the trace to load new spans that are received in real time, giving you immediate visibility into ongoing traces. Learn more here.



Splunk Synthetics Enterprise Security Enhancements

Splunk Synthetics recently released a series of updates designed to meet the sophisticated security needs of global enterprises.  These updates included launching support for SSO via SAML 2.0, adding the ability to conceal global variables used in synthetic tests, and upgrading the Splunk Synthetic Browser to Chrome version 97, which includes 38 known security patches.



 22-22471-Customer Success Monthly Account Newsletter-102_800x200-body1.jpg



Observability Suite

Access Tokens

Access Tokens in Splunk Observability platform can be used for Data ingestion, RUM or APIs. These tokens are currently valid for 5 years, however the industry standard is 1 year or less.  As a result, we are adjusting the lifetime of newly issued access token secrets downward to 1 year, from 5 years.

This change is not retroactive, and existing access tokens continue to honor their potentially longer expiration dates. Organization admins will continue to get email alert notifications 30 days prior to their token expiration.

Deprecation of support for SHA1 signed SSO Integrations

In order to ensure secure authentication processes for all Splunk Observability Cloud customers we have already deprecated support for new SSO certificates signed using the SHA1 hashing algorithm. Configuring new integrations using SHA1 is already disabled. On 2 April, 2022 we will be disabling the use of this algorithm for authentication.

Customers with existing SHA1-signed certificates will need to generate new certificates via their SSO provider and rotate these credentials in the SSO configuration. Splunk Support can assist customers if necessary with this rotation.



Splunk Ideas: Turn your idea into a new feature

Have you ever thought about an idea and wished that you could share it directly with fellow Splunk experts and builders? Now you can. In the Splunk Ideas portal, you can search for, vote on, and request new enhancements (called an idea) for any of the Splunk solutions.


There is always a lot to talk about at Splunk! Every month we share timely news and announcements through our Platform, Security and Observability newsletters. 

Sign up now to receive the newsletter in your inbox. 

Sharing is caring! Feel free to share the newsletter with your colleagues.

Happy Splunking!


Back to Feb. 2022 Newsletter

Get Updates on the Splunk Community!

Admin Your Splunk Cloud, Your Way

Join us to maximize different techniques to best tune Splunk Cloud. In this Tech Enablement, you will get ...

Cloud Platform | Discontinuing support for TLS version 1.0 and 1.1

Overview Transport Layer Security (TLS) is a security communications protocol that lets two computers, ...

New Customer Testimonials

Enterprises of all sizes and across different industries are accelerating cloud adoption by migrating ...