Splunk Tech Talks
Deep-dives for technical practitioners.
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
New Article

Connect your Splunk Enterprise Logs with Observability Data

LesediK
Splunk Employee
Splunk Employee
‎12-14-2021 06:40 AM

WATCH NOW 

DevOps Edition

Connect your Splunk Enterprise Logs with Observability Data for Faster Troubleshooting and Cross Team Collaboration

Finally, leverage the power of Splunk Enterprise data in Splunk Observability Cloud with Log Observer Connect! Log Observer Connect is a new feature that lets observability users explore the data you’re already sending to your existing Splunk instances with Splunk Log Observer’s intuitive no-code interface for faster troubleshooting and root-cause analysis.

Since Log Observer is part of Splunk Observability Cloud this integration brings metrics, traces, and all your log data, in context, in one UI so SREs and developers can troubleshoot mission critical applications quickly. Bonus, if you happen to be an existing Splunk Enterprise customer who has Splunk Infrastructure Monitoring, Splunk APM, or Splunk Observability Cloud licenses, you automatically get Log Observer Connect at no extra cost.

(view in My Videos)



Watch  and  learn how to get started right away with Log Observer Connect:

  • Set-up roles and permissions in Splunk Enterprise
  • Configure access in Observability Cloud
  • Deep dive into Splunk Enterprise data using intuitive filtering options and save interesting filters as a saved query
  • Finally, find related content from Splunk Enterprise in other Splunk Observability Cloud products such as Splunk Infrastructure Monitoring and Splunk APM that helps developers and SREs with faster root cause analysis!!
0 Karma
2 Comments
LesediK
Splunk Employee
Splunk Employee
‎12-14-2021 06:43 AM

Here are additional resources to continue on your journey.

0 Karma
LesediK
Splunk Employee
Splunk Employee
‎12-16-2021 02:41 AM

Questions Asked

Q: What impact to SVCs does Log Observer have?

  • A: It depends on usage, really. Log Observer dispatches queries when the user performs operations on the page. All searches are on-demand.

Q: If we are doing SSO and whitelisting IPs, how do you set up the connection?

  • A: At this time, we expect a user to act as a service account to query Splunk. 

Q: Do the Splunk Enterprise search heads have to have a publicly routable internet address for Log Observer to access them?

  • A: At this time - yes. we connect to port 8089. 
0 Karma
Contributors
Get Updates on the Splunk Community!

Index This | What travels the world but is also stuck in place?

April 2026 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data

Realizing the full potential of your Splunk investment requires more than just understanding current usage; it ...

Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...

As data volumes continue to grow and environments become more distributed, managing and optimizing data ...