Stop choosing between cost and visibility. Learn how S3 Promote lets you selectively ingest historical S3 data into Splunk Cloud for on-demand investigations and retrospective threat hunting.

Welcome to the February 2026 edition of Data Management Digest!

The inaugural "What's New in Splunk AI" is here. Explore the GA of Splunk MCP Server, a new suite of security-tuned hosted AI models, and natural language SPL editing in Assistant 1.5.

Welcome to the January 2026 edition of Data Management Digest! This monthly series is your go-to resource for the latest Splunk Data Management innovations, key announcements, and community highlights

The future of AppInspect is here! We’re introducing AI-enhanced AppInspect reports for instant clarity and MCP tool support for your favorite IDEs. Validate your code with natural language prompts and slash your time-to-approval. It’s smarter, faster, and built for the way you code.

The Splunk Data Management team is pleased to bring you the December edition of our monthly digest, reflecting our ongoing commitment to elevating your data management capabilities.

Discover Splunk Mobile’s brand-new Home Screen—personalize your view, access key metrics instantly, and take your data insights anywhere.

Gain a clear view of the business outcomes your organization is driving with Splunk using the new Value Insights (Beta) dashboard in CMC. Track adoption, engagement, and business impact, all in one place.

Looking to search and analyze years of Amazon S3 security data without ingesting or indexing it first? Splunk Cloud’s Federated Search for Amazon S3 gives you instant access to your historical data in Amazon S3. And now, you can try it for free with our new trial license.

Gain total resource clarity: The updated Splunk Cloud Monitoring Console Workload Dashboard (CMC 3.30+) now delivers more granular SVC attribution, eliminating the "Search Launcher" category, allowing precise attribution of SVCs to their search type, user, and application.

The upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform 10.2.x will introduce support for the Python 3.13 interpreter. This update allows customers to run their Splunk apps and technology add-ons (TAs) on the latest Python version, providing an opportunity to modernize apps and leverage Python 3.13’s improvements.

Hello Splunk Community!

We are thrilled to announce the General Availability of Splunk Cloud Platform 10.1.2507 this October 2025! This release is packed with innovations designed to enhance your observability, strengthen security, streamline administration, and supercharge your dashboarding experience.

😱 The Valley of Despair 

Every enterprise leader has faced the same sinking feeling: the request comes in, “show us who changed what, and when.” 

With no audit, you’re blind. With poor audit, you’re technically compliant—but your logs are inconsistent, noisy, and impossible to parse. One customer put it bluntly during beta feedback: 

“Our old audit trail was like looking for a needle in a haystack—except the haystack was on fire.” – Audit Beta participant. 

That’s the valley of despair. And we knew we had to get you out. 

The new SOC4Kafka connector, built on OpenTelemetry, enables the collection of Kafka messages and forwards these events to Splunk. It serves as a replacement for the existing Kafka Connector (SC4Kafka) SOC4Kafka is designed to capture events published to Kafka topics and efficiently forward them to Splunk , SOC4Kafka empowers organizations to utilize Splunk's powerful analytics and visualization capabilities. This integration enables real-time monitoring, analysis, and valuable insights from collected event data.

The past few weeks have brought significant and exciting developments for the Splunk community! We've seen major advancements, exciting new features, and a wealth of knowledge shared. As we continue our "Strengthen Your Future" series, it’s the perfect time to reflect on some of the most impactful announcements and resources that are shaping the Splunk Platform.

Discover the AI assistant usage dashboard in Cloud Monitoring Console and how Splunk Admins can use it to optimize their AI usage within Splunk.

Splunk developers, prepare for a game-changing update! The new Splunkbase App Listing Management public preview is here, streamlining your app submission experience. Enjoy powerful features like draft listings, a massive 2GB package limit, enhanced developer profiles, and a lightning-fast, automated AppInspect process that cuts review times from days to minutes. This is designed to supercharge innovation and ensure top-quality apps for all Splunk users.

Integrating Suricata with Splunk through SC4S is changing the game. Gone are the days of wrestling with custom parsers and brittle integrations. SC4S comes with automatically handling sourcetype assignments, index routing, metadata enrichment, easy deployment and built-in scalability.

Run powerful security analytics across Splunk and Amazon Security Lake without rehydrating or moving data. Learn how Splunk Federated Analytics enables faster, cheaper, and smarter threat detection.

Ensure your Splunk apps are ready for the future! Splunk Enterprise 10 is here, don't let your users be left behind – upgrade your app today to work towards a seamless transition.

The new and improved Performance Insights for Splunk, a tool for your infrastructure performance monitoring tool belt, gives a correlated view across usage patterns, resources, and system elements, allowing you to optimize your system and ensure you are getting the best value from it.

Effective June 5, 2025,  Splunk will change the default regex library from RE2 to PCRE2 for Edge Processor and Ingest Processor. Leverage the migration path to test existing pipelines today.

This blog post aims to give Splunk customers (both Splunk Enterprise and Splunk Cloud) a heads-up about the actions they’ll need to take to prepare for upgrading to a Splunk version(coming soon) that will upgrade its core cryptographic library from OpenSSL 1.0.2 to OpenSSL 3. Splunk may additionally produce an Upgrade Readiness experience that will assist customers in identifying specific action items they need to take, but we don’t want to wait for such tooling to become available to start taking action.