This TechTalk, which I am very much interested in, has originally been scheduled for an earlier date and I signed up for that. Now that it has been moved to Aug-21 I have a scheduling conflict. Will there be a recording of the talk to which signed up people will have access later?

Hi @usd0872,

Thank you for your interest in the  Introducing Splunk 10.0 Tech Talk. All registrants will receive a follow up email with a link to the recording. Lookout for the Thank you for your interest email and let us know if you have any questions

Here are a few Splunk 10.0 resources that you might find interesting:

Blogs:  

• Introducing Splunk 10
• Importance of OpenSSL 3.0
• Upgrade Readiness Blog

Data Management Blogs:  

• Capabilities expanded to include Ingest Monitoring
• Capabilities expanded to include Agent Management
• Introducing Edge Processor for Splunk Enterprise

Dashboard Studio Blogs:

• What’s New in 10.0 & 9.4?
• Spec-TAB-ular Updates

Release Notes: 

• Splunk Enterprise
• Splunk Cloud Platform

Start your Splunk Cloud free trial

Hello @LesediK ,

I just saw the post on LinkedIn about the tech talk. I missed it, and the registration is closed, of course.

Is there a way to get the recording files?

thank you in advance 🙂

Hi @Lemine,

Thank you for your interest in the  Introducing Splunk 10.0: Smarter, Faster, and More Powerful Than Ever Tech Talk. You should be able to view the on-demand recording on this page. Let me know if you have any additional questions.

Thank you! 

Here are a few top of mind questions from the live Tech Talk

Q. Is Ingest Monitoring only for Cloud at this time?

A. Yes, Splunk expands Data Management capabilities to include ingest monitoring: enabling native visibility across all data sources in Splunk Cloud Platform: Splunk Expands Data Management Capabilities To Include Ingest Monitoring.

Q. Python 3.9 is EOL in October of this year. How fast will the move to newer versions be coming?

A. Newer versions of Python are planned to release in the upcoming version of Splunk. Splunk has procured 3rd party support for Python 3.9 as the Platform, Apps, and TAs migrate to newer, mainstream supported versions.

Q. The Dashboard was mentioned but not delved into, where can we find these new features?

A. Here you can find the futures:
Dashboard Studio: What's new in Splunk Enterprise 10.0 and 9.4
Dashboard Studio: Spec-TAB-ular updates

Q. Is Splunk Health Assistant Add-on (SHAA) necessary for Cloud environments? Should we request that to be installed?

A. The Splunk Health Assistant Add-on (SHAA) is for On-Prem only. This add-on allows for On-Prem users to update the latest Monitoring Console health checks out-of-band from a Splunk release. Cloud Customers automatically get the latest health checks with updates to the Cloud Monitoring Console.

Q. Can you share the Splunk 10.0 documents?

A. Here are the release notes:
Splunk Enterprise
Splunk Cloud Platform

Q. What is the upgrade path if we are using Splunk Cloud and ES?

A. ES will require upgrades to versions that are compatible with Splunk 10. Splunk will initiate those changes. The upgrade path will be dependent on the existing ES version.

Q. When we install Splunk 10.0 is FIPS enabled by default?

A. This will depend on the environment. For Fed ramp Cloud, FIPS 140-2 will be enabled by default. For commercial cloud and CMP FIPS will not be enabled by default. FIPS mode must be configured if required for your organization's compliance needs, as per it's not enable by default.

Q. Does Agent Management includes upgrading UFs remotely on both Windows and Linux?

A. Yes, Agent Management in Splunk 10 enables you to manage and upgrade Universal Forwarders remotely on both Windows and Linux platforms. We did launch initially with support only for Linux, but remote upgrade for Windows is now available with Splunk 10. Splunk remote upgrader 

Q. Is there a minimum version required to upgrade to Splunk 10.0?

A. Yes, you must be on a supported recent version (likely Splunk 9.x, such as 9.0, 9.3, or 9.4) to upgrade directly to Splunk 10.0. If you are on an older version, you should plan to upgrade in stages according to Splunk’s official upgrade path and documentation. Here is the documentation where you can find the minimum versions to upgrade to Splunk 10, which can be found here: Upgrade information for version 10.0.

Q. Does Edge processor need separate license or extra cost and is there any limit how much data is passed thru edge?

A. Edge Processor comes with no additional cost to Splunk Enterprise 10.0, there is no license needed, as well, there is no limit on processed data for Edge Processor for Splunk Enterprise or Splunk Cloud.

Q. Will Splunk Cloud customers get a chance to defer the 10.x upgrade in case this breaks any apps they're using?

A. Splunk will work with customers on App compatibility prior to upgrading the stack to Splunk 10, the customers will receive advance notice (14 days) before their platform is upgraded to 10.0. Customers are encouraged to work closely with Splunk support and their app vendors to ensure readiness before the upgrade date.

Q. Are these O11y integration views sourcing all their data from Observability cloud, even when adding those new panel types to dashboard studio for things like service map?

A. Observability integration views in Splunk 10 can source data from Splunk Observability Cloud—especially for metrics and service maps—but are not strictly limited to that source. Dashboard Studio panels may visualize both O11y Cloud data and native Splunk metrics, depending on configuration and integration.
Splunk expands Data Management capabilities to include ingest monitoring: enabling native visibility across all data sources in Splunk Cloud Platform: Splunk Expands Data Management Capabilities To Include Ingest Monitoring.

Q. Do we have a document that explains what makes an app Splunk 10 compatible?

A. Here is the dependency changes in Splunk 10 can be found here: Preparing to upgrade from 9.x to Splunk Enterprise and Cloud Platform 10.0.

Q. Can you share what 3rd party apps you are communicating with major vendors like Akamai, security apps?

A. Splunk Our developer relations team is engaged with pursuing compatibility for all 3rd party Apps / TA's. Though, we don't have specific details on which developers are being communicated with. Splunk 10 App compatibility can be checked at any time through Splunk base for specifics check:  Preparing to upgrade from 9.x to Splunk Enterprise and Cloud Platform 10.0.

Q. For On Prem versions, what is available for health check?

A. For on-premises Splunk versions, the Splunk Health Assistant Add-on (SHA) is available for health checks, especially for upgrade readiness to Splunk 10. It runs within the Monitoring Console, provides detailed, actionable checks, and is regularly updated to cover new requirements.

Q. Any public plans to move to TLS 1.3? Or is the TLS 1.2 only setting the minimum, while actively allowing TLS 1.3?

A. TLS 1.3 support is in the product roadmap.

Q. Is Simple XML for dashboarding going away soon?

A. There are no plans to deprecate this feature.

Q. Does Splunk 10 support TLS 1.3?

A. Splunk 10.0 does not support TLS 1.3 at this time.

Q. With the breaking changes potential, is there a reversion opportunity in the cloud?

A. As of today, rollbacks are not possible in the cloud.

Just commenting to say, that it is super-annoying that your video doesn't allow playback speed adjustments.  There's no way I'm going to spend an entire hour watching this video, and it doesn't seem to be available on youtube or another platform which allows playback speed adjustment.  I've had it on my to-do list to come watch this, but now I'm checking off that list item and I'll just look at the pdf stuff instead.  If you want people to watch stuff, you should meet their needs and allow playback speed adjustment.

Hi @plaid_blanket,

Thank you for your feedback.

Introducing Splunk 10.0 - Smarter, Faster, and More Powerful Than Ever Tech Talk was made available on YouTube on September 3rd.

You can view it directly on YouTube and we do hope that you find it valuable.

Thanks again.