What’s New in Splunk Observability – September 2025

What's New

We are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps and engineering teams troubleshoot application issues faster and gain deeper insight into critical user journeys. These new features became generally available to customers on Sept 30, 2025. 

The September Observability launches feature improved support for hybrid application monitoring, more context for synthetics test alerts for more actionable troubleshooting, user experience improvements toenable easier navigation, and custom Observability roles in Splunk Cloud which provide customers with greater security and improved data management.

Feature Highlights

Monitor hybrid apps and business transactions in Observability Cloud APM 

Many teams run both traditional n-tier applications and cloud-native services, and they need application performance monitoring (APM) that bridges both worlds. We’re releasing new capabilities in Splunk Observability Cloud to strengthen APM for cloud-native applications and extend support for hybrid environments — building on AppDynamics’ proven expertise in monitoring traditional three-tier applications.

Highlights include:

• Business Transactions provide flexible, precise monitoring of business workflows
• Call Graphs deliver code-level insights and enable faster root cause analysis.
• Service map grouping visually groups related services by indexed span tags and tracks their health, aligning with how teams work
• Service instance visibility improves correlation between application and infrastructure data.

Together, these capabilities deliver a single APM solution for organizations building and operating hybrid or microservices-centric applications. Read our blog post for more details.

Enriched synthetics alerts for more actionable notifications 

When a synthetic test fails, responders often waste time hunting for context. Now you can customize detector alert notifications with rich Synthetics run metrics, including step-level failure details, direct URLs to the failed run and screenshots, and more. This lets you determine the cause of a run failure directly from the alert payload sent to Splunk Cloud or third-party tools.

Check out the new Synthetics run metrics here. The default alert notification now includes these metrics in a cleaner, easier-to-read format, helping teams triage incidents faster and reduce downtime.

Custom Observability Roles in Splunk Cloud Milestone 2: All Capabilities

There is no uniformity to how companies and teams are organized. Customers need flexibility and better control over who can access what. Splunk Cloud Administrators can now create custom Observability Cloud roles in Splunk Cloud that match their organizations unique personas. All observability capabilities are now available in Splunk Cloud to centrally manage users — simplifying administration and consistency across Splunk Cloud and Observability Cloud.

Customer roles in Splunk Cloud benefits:

• Improved access management: Administrators can create roles that precisely match their organization's unique user personas. This ensures that users are granted only the "least privileged" permissions necessary for their tasks, thereby improving overall security posture.
• Enhanced security with least privilege permissions: As part of the Unified Identity integration, it allows for centralized management of users and roles, simplifying administration and consistency across Splunk Cloud and O11y capabilities.
• Tailored access control: It enables granular control over who can access and manage specific O11y features and pages, aligning access more closely with job functions and responsibilities. 

Metrics Finder React Migration

We’ve made improvements to the user experiences in the Metrics Finder tool which enables customers to find, view, and edit metrics and metadata in their Splunk Observability instance. The new user experience changes provide:

• Friendlier and snappier autocomplete experience: Users can start typing and immediately see results.
• Home page category organization changes: Users will see containers containing categories instead of lists
• Filter UI changes: Users can see all = / != options instead of needing to mouseover/hover over each name:value filter suggestion.
• Results display improvements: 
• Clicking on a metric name opens additional details. There is now a separate “View in chart” link to support that behavior.
• Users can click to expand all details and related properties. 
• Users can see more metric names before needing to scroll. 

Observability Navigation Drawer  

The Observability Navigator in Splunk Observability Cloud offers a seamless and intuitive user experience by streamlining navigation and improving discoverability. This new feature provides consistency in the look and feel of different applications across our portfolio. The change simplifies user’s access to navigate to the experiences they need in Splunk Observability Cloud.

Its key benefits include:

• Intuitive Navigation: Users can quickly find what they need without extensive clicking, as the navigation structure aligns with typical workflows.
• Workflow Alignment: The layout prioritizes frequently accessed items at the top, core full-stack observability products/features in the middle, and data management/settings at the bottom.
• Enhanced Discoverability: Navigation categories make it easier to explore and highlight key features, including new products, helping users understand the overall structure of observability components.
• Flexibility and Scalability: The design supports future growth, allowing for the integration of new areas like Security and Optimization without overwhelming the user.

What’s in Alpha / Beta Now