What's New
We’re excited to announce the latest enhancements to Splunk Observability Cloud and share what’s currently in preview across the Splunk Observability portfolio. These innovations are designed to help you resolve database performance issues faster, seamlessly correlate and search relevant logs in APM and Infrastructure Monitoring, and monitor your cloud services more easily. The following features became generally available on November 13, 2025.
Feature Highlight
Analyze your dimensions and metrics with Usage Analytics
To help optimize telemetry data volume, Usage Analytics offers two complementary analytical views:
- Individual metrics – This view provides insights into key numerical statistics, their utilization, associated dimensions, and specific components such as Detectors, Dashboards, and Charts in which they are used. The gathered information helps identify potential areas to optimize data consumption, specifically high-cardinality metrics that are not actively used.
- Individual dimensions – This view gives teams the ability to analyze usage of each dimension available in the system, both at a global level and within the context of specific metrics. Similarly to metrics, the Dimensions view provides detailed insight into dimensional statistics, their utilization, and lists all the components where they are used. Identified unused dimensions can be removed from specific metrics with Metric Pipeline Management.
Learn more in our documentation.
Additional Releases
Observability for AI: Infrastructure Monitoring Dashboard Support
We’ve added navigator and dashboard support for more AI technologies to ensure teams can monitor the health, availability, and resource utilization of AI components. With AI Infrastructure Monitoring, teams can now get visibility into their Cisco AI Pods, Nvidia NIMs, Milvus and Pinecone vector databases, LiteLLM proxy services, GCP VertexAI applications, and LangChain large language models (LLMs).
Learn more in our documentation.
Simply search for relevant data with Default / Bundled (App) and Archived Metrics in Metrics Usage Analytics (MUA)
Now teams have greater visibility into their metrics usage to understand what impacts cardinality spikes the most with a broader set of metrics available in Usage Analytics:
- Billing class: Default/Bundled (App) – This is an addition to the existing metrics from: Custom, Other, and Default/Bundled (Infra) billing classes.
- Data route: Archived – A new data route type is also supported by the new filtering functionality – based on both available data routes: Real-time and Archived.
Finally, the currently displayed number of Metric Time Series (MTS) will be adjusted according to the following billing formulas:
- 1 histogram MTS will be counted as 8 MTS
- 1 archived MTS will be counted as 1/10 of an MTS.
Learn more in our documentation.
Easily test SSL certificates and run tests on-demand with Synthetic Monitoring
We’re introducing two new capabilities in Synthetic Monitoring: SSL Certificate Tests and Run Now.
SSL Certificate Tests is a new test type that lets you verify the validity, expiration, and configuration of your SSL/TLS certificates. Monitor certificates proactively and get alerted about issues such as upcoming expirations, misconfigurations, or revocation before they impact your users.
Learn more in our documentation.
Run Now extends the existing Try Now experience by allowing you to execute synthetic tests on demand. When you trigger a test from the test summary page, the on-demand run is now saved to the run results list so you can easily review and share the details. This gives you the flexibility to run tests anytime and immediately analyze results without relying solely on scheduled runs.
Learn more in our documentation.
Never miss an issue with reminder notifications for Alerts
Ensure your team doesn’t miss critical alerts, even if the first notification was overlooked. If the alert hasn’t yet been resolved, reminder notifications let you automatically resend alert notifications, so your team stays on top of important issues. Easily enable reminder notifications when setting up detectors and choosing notification recipients in Splunk Observability Cloud - whether through the UI or with Terraform – and choose both how often reminders are sent and how long they continue.
Learn more in our documentation.
Connect application and database performance with APM-Database Monitoring Trace Correlation
This new feature integrates Application Performance Monitoring (APM) with database correlation to enhance troubleshooting for business transactions and services. SRE and API service teams will be able to identify whether database issues, specifically with SQL databases, are causing problems such as latency or errors by efficiently linking application performance alerts to specific database queries. This capability improves root cause analysis and accelerates resolution of database-related performance problems. At the trace level, when a database span is present, normalized query details are displayed if correlation data is available, sampled every 10 seconds. By clicking, "View normalized query" teams can see detailed query information and navigate back to the trace. From the business transaction view, critical alerts can be investigated by drilling down to trace-level database correlations. Determining if specific SQL servers are the root cause of performance issues is made easier from the service map perspective.
Learn more in our documentation.
Correlate service instances with infrastructure data to ensure scale and reliability
This new comprehensive service-centric view within the Instances tab empowers SREs and DevOPs teams to correlate service instance IDs with Kubernetes pod IDs and associated infrastructure data. Teams can now gain real-time visibility into pod-level details such as pod ID, cluster name, phase, restarts, and key infrastructure metrics as services scale up or down—all in a unified dashboard. This integrated approach enables seamless troubleshooting and identification of service-level issues from underlying infrastructure and more, without context switching. Additionally, teams can view trend analysis over time and drill down into specific cluster, workload, or container metrics with a single click. Inspired by customer feedback and popularized in AppDynamics, this enhancement provides actionable insights for monitoring, root cause analysis, and infrastructure health, making it easier for organizations to maintain robust service reliability as their Kubernetes environments scale.
Learn more in our documentation.
Securely send alert notifications from ServiceNow with OAuth2.0 support
Refreshed ServiceNow integrations deliver a cleaner, more consistent experience. Customize the payload sent to ServiceNow directly in the UI, both when creating and editing integrations, and connect using OAuth 2.0 for improved security.
Learn more in our documentation.
Seamlessly view logs in a re-designed table
Previously on the Log Observer home page, log data was displayed using infinite scroll. Now, it is presented in a paginated view that displays 1,000 log records per page for improved performance, faster navigation, and clearer organization. Additionally, teams can determine which fields are represented in the table columns and in what order, rearrange and sort columns, adjust column width, and more for increased flexibility and visibility into log data. Teams have a similar experience viewing logs in APM and in Dashboards for a consistent and scalable log exploration experience across all views.
Learn more in our documentation.
What’s in Preview Now
Observability AI Admin Assistant – Custom Role Creation and Management via MCP Sign Up
Splunk Observability Cloud admins can now create Custom Roles via an MCP to control granular read and write capabilities for end users to ensure appropriate access across the product, like having a user be able to create a dashboard but not an alert.
Sign up on this page.
Splunk Observability Network Monitoring with Isovalent
Network Explorer in Splunk Observability can now help customers wanting deeper visibility into networks using eBPF.
Sign up on this page.
