Consider this your go-to resource for everything happening in the world of Splunk Data Management!

Discover Splunk Mobile’s brand-new Home Screen—personalize your view, access key metrics instantly, and take your data insights anywhere.

Gain a clear view of the business outcomes your organization is driving with Splunk using the new Value Insights (Beta) dashboard in CMC. Track adoption, engagement, and business impact, all in one place.

Enterprise Security (ES) Essentials 8.3 is here, with new capabilities to help analysts focus on critical threats, work faster, and build better detections. See the most important alerts first in a streamlined Analyst Queue, accelerate investigations with the AI Assistant, and gain more control over detection creation and tuning. Plus, join the Detection Studio Alpha to help shape the future of detection engineering.

Looking to search and analyze years of Amazon S3 security data without ingesting or indexing it first? Splunk Cloud’s Federated Search for Amazon S3 gives you instant access to your historical data in Amazon S3. And now, you can try it for free with our new trial license.

We’re excited to announce the latest enhancements to Splunk Observability Cloud and share what’s currently in preview across the Splunk Observability portfolio. These innovations are designed to help you resolve database performance issues faster, seamlessly correlate and search relevant logs in APM and Infrastructure Monitoring, and monitor your cloud services more easily. The following features became generally available on November 13, 2025. 

At Splunk, your product success is our top priority. With Enterprise Security (ES), we're here to help you accelerate security outcomes, reduce risk, and build lasting resilience for your organization. As you may already know, Enterprise Security 7.3 will reach end of support on February 28, 2026. After this date, we will no longer be able to provide technical support, bug fixes, or security updates for this version. 

We are thrilled to continue our journey into a new era for Splunk ES as the AI-Powered SecOp platform, building a unified threat detection, investigation, and response workflow. The new ES 8.3 release has a slew of product enhancements, which you can see in action here. 

Gain total resource clarity: The updated Splunk Cloud Monitoring Console Workload Dashboard (CMC 3.30+) now delivers more granular SVC attribution, eliminating the "Search Launcher" category, allowing precise attribution of SVCs to their search type, user, and application.

Python 3.9 is reaching end-of-life in October 2025, and Splunk SOAR is moving forward. Learn why updating your SOAR apps for Python 3.13 compatibility is essential, what steps you need to take, and where to find resources to ensure your apps remain secure and functional.

The upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform 10.2.x will introduce support for the Python 3.13 interpreter. This update allows customers to run their Splunk apps and technology add-ons (TAs) on the latest Python version, providing an opportunity to modernize apps and leverage Python 3.13’s improvements.

Hello Splunk Community!

We are thrilled to announce the General Availability of Splunk Cloud Platform 10.1.2507 this October 2025! This release is packed with innovations designed to enhance your observability, strengthen security, streamline administration, and supercharge your dashboarding experience.

We’re excited to announce the latest enhancements to Splunk Observability Cloud and share what’s currently in preview across the Splunk Observability portfolio. These innovations are designed to help you resolve database performance issues faster, seamlessly correlate and search relevant logs in APM and Infrastructure Monitoring, and monitor your cloud services more easily. The following features became generally available on October 21, 2025. 

😱 The Valley of Despair 

Every enterprise leader has faced the same sinking feeling: the request comes in, “show us who changed what, and when.” 

With no audit, you’re blind. With poor audit, you’re technically compliant—but your logs are inconsistent, noisy, and impossible to parse. One customer put it bluntly during beta feedback: 

“Our old audit trail was like looking for a needle in a haystack—except the haystack was on fire.” – Audit Beta participant. 

That’s the valley of despair. And we knew we had to get you out. 

A Security Conversation That Needed to Happen 

For years, many of us in the Splunk community have relied on transport layer security (TLS) to secure traffic between Splunk components—forwarders, indexers, search heads, and more. TLS did the job: encrypt traffic, authenticate the server, and move on. But as the world shifted—toward a Zero Trust framework, tighter compliance, and more aggressive cyber threats—the age-old question resurfaced: "How do I really know who’s on the other end of that connection?" 

Enter Mutual TLS (mTLS). In a world where verifying the server alone isn't enough, mTLS takes things up a notch. It requires both the server and the client to prove their identity. Think of it as cryptographically enforced mutual trust. 

Check out the lastest Splunk Observability innovations that launched in September 2025. 

The new SOC4Kafka connector, built on OpenTelemetry, enables the collection of Kafka messages and forwards these events to Splunk. It serves as a replacement for the existing Kafka Connector (SC4Kafka) SOC4Kafka is designed to capture events published to Kafka topics and efficiently forward them to Splunk , SOC4Kafka empowers organizations to utilize Splunk's powerful analytics and visualization capabilities. This integration enables real-time monitoring, analysis, and valuable insights from collected event data.

The past few weeks have brought significant and exciting developments for the Splunk community! We've seen major advancements, exciting new features, and a wealth of knowledge shared. As we continue our "Strengthen Your Future" series, it’s the perfect time to reflect on some of the most impactful announcements and resources that are shaping the Splunk Platform.

Discover the AI assistant usage dashboard in Cloud Monitoring Console and how Splunk Admins can use it to optimize their AI usage within Splunk.

Splunk developers, prepare for a game-changing update! The new Splunkbase App Listing Management public preview is here, streamlining your app submission experience. Enjoy powerful features like draft listings, a massive 2GB package limit, enhanced developer profiles, and a lightning-fast, automated AppInspect process that cuts review times from days to minutes. This is designed to supercharge innovation and ensure top-quality apps for all Splunk users.

The Splunk Developer Program is officially GA! Access centralized tools, licenses, support, and community recognition to build high-quality apps and extend Splunk’s capabilities. Learn more at dev.splunk.com.

What's New

We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is currently in preview for the Splunk Observability portfolio. These new innovations to Splunk Observability Cloud are designed to help ITOps and engineering teams troubleshoot application issues faster and gain deeper insight into critical user journeys. The below features are now generally available to customers as of August 26, 2025. 

A circular graphic composed of numerous small white outline symbols, forming a prominent human stick figure shape in the center, against an orange and pink gradient background

At Splunk, we believe that true innovation is inclusive innovation. That's why we're excited to pull back the curtain and introduce you to our new quarterly "Inside Splunk Accessibility" series. We’ll share the critical role accessibility plays in Splunk product development and update you on  our current initiatives. 

Integrating Suricata with Splunk through SC4S is changing the game. Gone are the days of wrestling with custom parsers and brittle integrations. SC4S comes with automatically handling sourcetype assignments, index routing, metadata enrichment, easy deployment and built-in scalability.

Ever wonder how to tap into cutting-edge AI without managing your own GPU? Splunk AI Assistant for SPL via a cloud-connected solution revolutionizes GenAI by securely hosting AI services in the Splunk-managed Cloud Platform while transmitting only the minimal data needed. 

We’ll unravel how to enable cloud connectivity, differences between the Splunk Enterprise cloud-connected and Splunk Cloud Platform solution, and show you how to get started fast. Walk away ready to supercharge your on-prem Splunk environment with Gen AI—no extra GPUs required.

Automated Archiving is a new capability within the Metrics Management experience which automates the routing and storing of metrics data into an low-cost storage

We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is currently in preview for the Splunk Observability portfolio.  These new innovations to Splunk Observability Cloud are designed to help ITOps and engineering teams better standardize observability practices across teams and optimize their observability costs. The below features, with the exception of the Q-Release (scheduled to go live as part of the Splunk Cloud Platform launch on July 28, 2025), are now generally available to customers as of July 22, 2025.

Run powerful security analytics across Splunk and Amazon Security Lake without rehydrating or moving data. Learn how Splunk Federated Analytics enables faster, cheaper, and smarter threat detection.

In our first installment of this blog series, we introduced the exciting compliance and security enhancements coming to the next Splunk platform version, Splunk Enterprise 10.0 and Splunk Cloud Platform 10.0. Use this series as your go-to resource for key updates, benefits, and preparations for Splunk administrators and developers alike. Today, we continue the journey by diving into upgrade readiness and additional potentially breaking changes, equipping you with the insights you need for a seamless transition.

We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is currently in preview for the Splunk Observability portfolio.  These new innovations to Splunk Observability Cloud are designed to help ITOps and engineering teams better standardize observability practices across teams, improve end-user experiences, optimize cloud monitoring and debug problems faster in microservice-based applications. The features in this article are now generally available to customers as of June 24, 2025.

We are pleased to announce the general availability of Splunk Enterprise Security 8.1. Splunk becomes the only vendor to bring truly unified threat detection, investigation, and response (TDIR) workflows fueled by automation to both customer managed deplo