One Log To Rule Them All: Centralized Troubleshooting With Splunk Logs

​Additional resources  to ​continue your Splunk Logs journey

Training and Courses

• Splunk Observability Free Courses

Documentation

• Find more information on Splunk Docs

Customer Success Services

• Observability Smart Start Accelerator

Blog Posts

• It Takes a Village – And Some New Features From Splunk – To Scale Your Cloud Monitoring Without Brea...

Research

•    2023 GigaOm Radar for Observability Cloud
•     State of Observability 2023

Splunk Observability Cloud Free Trial 

• Try Splunk Observability Cloud free for 14 days. No credit card required.

Related Webinar

• How To Use Logs from Splunk Platform in Splunk Observability Cloud

Q&A

Here are a few questions and answers submitted by attendees:

Q. Does Splunk Observability Cloud need any agent installed on containers? 

A. Here's our documentation about how to set up the Splunk OpenTelemetry collector

Q. Is there a free cloud sandbox for this (I googled "splunk free sandbox" and got no results). A few years back there were many cloud sandbox options?

A. Get started with a TRIAL.

Q. Is Log Observer available for Splunk Enterprise? Didn't see an app for it on Splunkbase?

A. Log Observer is a no-code experience in Observability Cloud, which is delivered as a SaaS product and not a Splunkbase app. 

Q. How does Splunk Observability Cloud compare to Dynatrace?

A. With Splunk Observability Cloud you can apply the Splunk logs that you're already collecting to your Observability use cases. Other vendors wouldn't be able to show the whole picture in one product. Hope this helps!

Q. Do the trials have demo data?

A. Every Observability Cloud trial includes sample metrics. When you're choosing how to get data in, you'll have the choice to set up the demo system "HipsterShop" to send in sample data to your account, and see the same kind of data I showed today. 

Q. Can you reference or link the Observability dashboards from Splunk Cloud?

A. This is a direction we're looking into. It's somewhat more supported to link to Splunk Cloud from Observability dashboards through a feature called Data Links. Learn more 

Q. From a cyber security/incident response perspective, how does this compare to Splunk Enterprise Security?

A. Splunk Observability Cloud is designed for Devops troubleshooting. This shares elements with security incident response but is distinct in some important ways like the data it uses and the response steps available in the UI. Hope this helps. 

Q. So this supports analyzing logs in the Hybrid cloud right?

A. You can connect logs from Splunk Cloud or Splunk Enterprise to Observability Cloud using Log Observer Connect.

Q. How is Observability being licensed?

A. Check out this page on our website for pricing and packaging information.

Q. Are we able to still write SPL if we need to? also can we do joins and combine lookups like we do in splunk enterprise? are there any features from splunk enterprise dropped in the log observer? Is the summary index feature still available?

A. Log Observer is a no-code experience in Observability Cloud, designed for folks who don't need or want to use the SPL-based interface in Enterprise to troubleshoot with logs. If you need to use SPL, like for joins or combines, Splunk Enterprise is the right interface for you!

Q. If I’m already a Splunk Platform and Observability user, do I get access to these logs capabilities?

A. Yes, you can!

Q. How can I get started today with Splunk Observability Cloud ?

A.

• Reach out to your account manager
• Get a 14-day free trial on www.splunk.com 

Q. Does this cost more? Adding logs can have an impact on your Splunk Platform data usage.

A. Talk to your account manager for further details.

Q. Can I connect logs to Observability if I use Splunk on-prem?

A. Observability is provided as SaaS but yes you can. 

Q. Do I need Infrastructure Monitoring, APM or RUM to get started with logs in Observability?

A. In addition to logs data, Observability Cloud also includes infrastructure and application performance monitoring. You need IM or APM or the Observability Cloud Suite.

Q. Where can I learn more about Splunk Observability Cloud?

A. You can visit our website or reach out to your account manager! We’ll also soon launch a way for you to learn more about Observability directly on Splunk Cloud via an app.

Checkout the Blog post and view video highlights, all under 5 minutes! View now One Log to Rule Them All