What's New in Splunk Observability Cloud and Splunk AppDynamics - May 2025

This month, we’re delivering several new innovations in Splunk Observability Cloud and Splunk AppDynamics (25.4 release) to help improve ITOps and engineering teams' ability to detect and resolve business-impacting incidents faster with less toil. 

Splunk Observability Cloud’s latest updates deliver powerful upgrades for engineers running modern, cloud-native apps—improving Kubernetes troubleshooting, JavaScript and mobile crash visibility, and log-in-context search. We have also introduced our first major integration between Splunk Observability with ThousandEyes to help accelerate mean time to innocence (MTTI) between teams and enhance collaborative troubleshooting.

Splunk AppDynamics continues to deliver innovations that help ITOps teams find issues faster, cut through alert noise, and stay in control of their n-tier apps and infrastructure.  This month’s innovations bring smarter search, flexible tagging, and enhanced AI-driven insights across hybrid and on-prem environments. 

Splunk Observability Cloud Releases 

• RUM Crash Symbolication: This feature converts memory symbols from stack traces into human readable code lines for iOS and Android and informs users if the crash is not symbolicated or is missing symbol files.  This helps to reduce the time and effort needed to diagnose and resolve mobile application related incidents. Users can upload mapping files via CI/CD or the Observability Cloud user interface. Users do not need to separately enable symbolication. This feature is now available for all Observability Cloud customers who have crash reporting enabled.  Learn More. 

• SourceMap Support for Browser RUM: This feature converts minified JavaScript error stack traces into human readable code lines and informs users if the JavaScript error is not symbolicated or missing from a source map. This helps to reduce the time and effort to diagnose and resolve JavaScript errors. Users can upload mapping files via CI/CD or the Observability Cloud user interface. This feature is now available for all Observability Cloud customers who have JavaScript error monitoring enabled.  There is no separate entitlement needed for source map support, and this feature is compatible with 0.19.2 of the agent and beyond post release. Learn More.  

• Splunk APM & Thousand Eyes Integration: With this release, ThousandEyes users can now have greater visibility into application traces from Splunk APM to improve their mean time to innocence (MTTI) and cross-collaborate with application engineering teams quickly to identify if an incident is indeed originating from the network or within the application itself.   With this seamless visibility, teams increase productivity in incident response and ultimately resolve issues faster – all with less finger pointing. So, whether a customer needs to: quickly diagnose failing ThousandEyes tests, understand if slowness is from the network or application layer, view trace topology and key intra-service metrics in context of a ThousandEyes test, or easily set up tests for services instrumented in Splunk Observability Cloud from the ThousandEyes UI this integration makes it possible.  Learn More. 

Splunk Observability Cloud integration with ThousandEyes

• Custom Roles in Splunk Observability Cloud – write privileges: With this new release, Splunk Cloud admins can tailor what privileges and data access a Splunk Observability Cloud user has for better control, security and compliance in their workflows. At this stage, admins can control “write/edit” access only (not yet “read” permissions). These custom roles experiences are only available through Unified Identity with centralized access control. Learn more. 

• Magnetic Page Header/Breadcrumbs: We’ve made UI changes in the Observability Cloud wide page headers to drive a more cohesive experience and enable users to understand where they are in the product. The header includes branding and utilities that trigger menu dropdowns, like profile, help, and notification hub icons.  

• Archived Metrics UX Improvements: We’ve made changes to the Archived Metrics interface so users can more easily create exception rules and restore historical data of archived metrics within the chart/detector builder UI, for a more intuitive data management experience. Learn more.

New UX Improvements to Archived Metrics

• Utility Ranks in Usage Analytics: New utility ranks in Metrics Usage Analytics reveal exactly where and how each metric is used, giving you the granular insights needed to confidently optimize, archive, or drop unused data. Learn more 

Utility Ranks - Metrics Analytics Usage

• Free-Text Search in Embedded Logs for Kubernetes Navigator: This new release allows users to quickly search for and refine logs directly within Splunk APM’s Service Centric View (SCV) and Kubernetes Navigator, Charts & Dashboards, allowing them to remain in context as they look for specific logs and reduce the need for tool switching during issue resolution. Learn more at these links: Kubernetes Navigator, Dashboards, APM.  

• Synthetic Monitoring - Client Certificate Authentication: This feature provides the ability for Synthetic Monitoring users in Splunk Observability Cloud to store and use client certificates in browser, API and HTTP tests for mTLS authentication.  This helps to validate security and trust between the Splunk Synthetic agent and your target app or server that requires mTLS authentication, so you can ensure secure, uninterrupted services for your customers. Learn more. 

Splunk AppDynamics Releases 

• Tagging User Interface: introduces a graphical way to define and assign tags to entities, enabling users to discover and dynamically organize data across your entire observable stack. You can use tags in alerting, filtering, searching – allowing you to limit the health scope of entities, and quickly troubleshoot and analyze the root cause of issues. 

• High Availability Monitoring of Always-On Clusters and Database Files for SQL Servers: Improve the monitoring and troubleshooting of Always On clusters and quickly find the root cause of spikes in disk storage in the event of any cluster failover or an availability group going offline.  

• Improved Search for Server Infrastructure Monitoring: New typeahead search in the metric browser saves your time and helps you find your node or server name so that you can select the desired metric and add it to the metric browser.  

• Anomaly Detection for Database Monitoring: Automatically detect database issues before they impact business transactions. AI/ML-powered anomaly detection requires no manual configuration (like health rules), auto-detects anomalies and alerts on calls-per-minute, number of connections and time spent in executions and allows you to customize model sensitivity as needed. 

• Automated Transaction Diagnostics (virtual appliance): ATD uses machine learning to identify and analyze abnormal behavior in your application transactions snapshots, even before it becomes severe enough to trigger alerts. It helps you proactively address potential issues by pinpointing the root cause of performance bottlenecks and anomalous behavior without having to scroll through dozens or even hundreds of snapshots – saving you time and reducing the troubleshooting learning curve. 

• Application-level Alert Filters for Vulnerability and Attack Detection: Add an application filter when you configure alerts for vulnerabilities, attacks and changes to business risk.  Rather than receiving alerts for every application, you can now reduce your alert noise by specifying only the applications you care about, while ensuring that these alerts are only shared with the relevant teams. 

• RUM License Allocation: New EUM licenses rules provide better control of license management to allocate the unified RUM licenses across BRUM and MRUM applications as needed.  To ensure the most efficient usage of license, you can now define the desired allocation (% or number of units) of your purchased unified RUM licenses across MRUM and BRUM.  This ensures that a product or a specific application does not over consume and leaves critical applications without license units. 

• AppDynamics on Azure: We have upgraded our Splunk AppDynamics SaaS offering on Microsoft Azure in the Toronto region to 25.1 parity. Now, Azure customers are able to align their observability tools with their cloud service platform of choice, expanding our global presence and enabling compliance with industry or company-specific regulatory requirements.  While AppDynamics on Azure is hosted in the Toronto region, it is available to customers worldwide.  

What’s in Preview Now?  

AppDynamics Session Replay for BRUM and MRUM: We are looking for BRUM and MRUM customers to test out our latest session replay capabilities.  Session Replay for Real User Monitoring records each user’s interactions in a browser or mobile application so that you can understand the sequence of events leading up to a problem.  Session replay helps developers troubleshooting problems that cannot be replicated in staging, helps designers to understand real user behavior to optimize user journeys, and aids in security investigations by tracking the action of malicious users. If you are interested, speak to your customer-success team.