Splunk is excited to announce new releases that empower ITOps and engineering teams to stay ahead in ever evolving intelligent systems and IT environments. These innovations help simplify complex operations, enhance performance, and leverage AI to bring together proactive insights, assisted workflows, and much more. Read on to get the details, early access, and context on how you can take advantage for faster troubleshooting.  New in Observability This Month ITSI’s Drift Detection ITSI’s Simplified Onboarding for Event Analytics ITSI’s Backup and Restore Enhancements ITSI’s EA (Rules Engine) Scalability and Stability ITSI’s Entity Normalization In-Product Remediation Workflow & Automatic Merging Observability AI Assistant in Splunk Cloud Related Content Synthetics Downtime Configurations Synthetics Multi-factor authorization using TOTP, SSO, email password More in Preview… Proactive Insights and Faster Troubleshooting   Drift Detection: Drift Detection in Splunk ITSI helps catch sudden changes in KPIs before they are impacted and proactively determine slow, long-trending changes (like slowly increasing latency over months) that potentially indicate an issue, so it can be remediated before problems arise. Learn more.   Simplified Onboarding for Event Analytics: Simplified Alert Onboarding helps ITOps teams to easily get started with Event Analytics through an assisted workflow. Quickly transform alerts from Splunk & popular 3rd-party tools (like Nagios, SolarWinds, and Microsoft SCOM) with pre-built templates and more, including: Webhook integrations to send alert data & run alert actions between ITSI & 3rd-party integrations. Prebuilt transformation templates for selected tools that work in conjunction with the Splunk supported TAs The bidirectional Jira Cloud integration to send ITSI alerts to Jira. Event integration with Splunk Observability Cloud for more business service context and faster root cause analysis.  Normalizing and enriching alert data from a unified UI. Preview to visualize alert ingestion and transformation before enabling the ingestion.     Synthetics Multi-factor authorization using TOTP, SSO, email password: Synthetic browser tests can now mimic the login flow of additional 2FA methods, including MFA with TOTP, SSO, SMS, and email. By simulating real-world user interactions under these various MFA scenarios, you can validate authentication mechanisms, reveal friction points/delays impeding on site accessibility, and proactively uncover edge cases and vulnerabilities. Learn more. EventIQ: Currently in Preview, EventIQ in ITSI delivers AI-driven alert correlation, so ITOps teams can dynamically filter out noise, group related events, and highlight critical incidents that require immediate attention. With the ability to further configure event filter conditions and plain-text explainability during AI-analysis configuration, it's easy for teams to bake in additional domain expertise for correlation. Register to see how context-aware insights and actionable recommendations help reduce alert fatigue and streamline workflows to improve MTTR. New Performance Optimization and Scale ITSI Backup and Restore enhancements: New Backup and Restore enhancements include extended object support and dependency inclusion of Splunk knowledge objects. Proactive prechecks are additionally baked in to identify missing dependencies before creating backups to mitigate failures during restore.  ITSI EA Scalability and Stability: Made for the growing demand and complexity of modern IT environments, new enhancements to ITSI’s rules engine supports ingesting and processing a significantly higher volume of alerts with lower latency, even during indexer topology changes. Ensure faster insights & responses by tracking the performance of grouping, actions, and more to better understand noise reduction, latency metrics, and bottlenecks. ITSI Enhanced Refresh Queue: Currently in Preview, ITSI’s new Refresh Queue enhancements help teams stay ahead of operational challenges, optimizing data refresh intervals and load balancing to ensure configuration updates take place as real-time as possible. Get proactive alerts when queue issues occur before it impacts your environment and upgrades. Synthetics Downtime Configurations: You can now configure recurrence in your Splunk Synthetics Downtime Configurations, ensuring that known maintenance windows, regular updates, and other critical scenarios can be managed under one standardized configuration. By establishing set recurrence schedules ahead of time, you can eliminate the need for manual setup each downtime, reducing risk of error and maintaining operational consistency. Learn more. Streamline Visibility and Workflows Entity Normalization In-Product Remediation Workflow & Automatic Merging: Entity normalization delivers improved entity management, reconciliation and stability through an in-UI remediation experience. Once configured, entity normalization automatically merges duplicate entities, and frequently suggests duplicates found in the environment to cleanup, minimizing manual efforts for more accurate service views. Entity-level Thresholding: Currently in Preview, Entity-level Thresholding dynamically baselines and applies adaptive thresholds at an entity-level, enabling ITOps teams to easily monitor when entity behavior deviates from normal and pin point the root cause of problems at the IT component level. With more abilities wrapped inside, like automatically picking up new entities from KPIs, get excited for its General Availability in the near future! Register here for more information and early access.  Extend Impact with New Integrations & Add-Ons Observability AI Assistant in Splunk Cloud Related Content: Extend your root cause analysis and IT investigations with a GenAI-powered experience in Splunk Platform. Now, in addition to getting more context of your issues with observability data, you also get an AI Assistant that provides additional insights about related applications and infrastructure, for faster mean time to identify and resolve issues. Available for customers with Unified Identity enabled. Learn more. AppDynamic Add-on & Dedicated AppDynamics content pack: AppDynamics Add-on and dedicated AppDynamics content pack - the integration of AppDynamics with Splunk ITSI helps enhance visibility and align application, infrastructure, and databases to business impact  so you can quickly find problems and troubleshoot in-context. Read more details here, and access it directly on Splunkbase. Support for ITSI on Azure: Elevate your cloud strategy with ITSI’s new native support for Azure, enabling seamless deployment and management of ITSI to provide optimized system performance, and tighter integration with Azure services.   ... View more

As businesses scale across hybrid and multi-cloud environments and integrate AI-powered technologies, complexity grows — and with it, the risk of performance degradation and cost of downtime. To avoid facing customer-impacting IT issues, organizations need better ways to correlate data across environments, detect anomalies before they escalate, and resolve incidents more efficiently. That’s where Splunk and Cisco come in. Bringing together ITOps and engineering teams with shared data, context, and workflows to help organizations detect, investigate, and resolve issues faster. With our latest advancements, customers can stay ahead of the competition and solve problems more efficiently. Innovative AI-driven capabilities help teams troubleshoot faster by simplifying data exploration, proactively detecting anomalies before they escalate, and streamlining event management. We’re also delivering new integrations that extend visibility across applications, infrastructure, databases, and security for in-context troubleshooting and faster resolution.  Ready to build a leading and AI-driven observability practice? Then these enhancements are for you.   Don’t Guess - Ask, Detect, and Resolve with AI  Whether you are optimizing performance or responding to incidents, Splunk’s AI-innovations are designed to simplify and accelerate troubleshooting. Lets dive into what's new and how it can help your team stay ahead of problems:  AI Assistant in Observability Cloud - Splunk’s new GenAI-powered assistant in Observability Cloud is available in select realms in the US and Europe. By interacting and asking questions in natural language to the AI Assistant, engineering teams can easily extract new insights, quickly find root cause of incidents, and get expert guidance on how to fix issues even faster in their cloud infrastructure and applications. Get more details here, and check out how you can use the AI Assistant to more quickly debug problems in Kubernetes.   Check out how you can use the AI Assistant to more quickly debug problems in Kubernetes. ITSI 4.20 - Drift Detection - Drift Detection in Splunk ITSI helps catch sudden changes in KPIs before they are impacted and proactively determine slow, long-trending changes (like slowly increasing latency over months) that potentially indicate an issue, so it can be remediated before problems arise. ITSI 4.20 - Simplified Alert Onboarding (soon to be released) - Powered by AI in Splunk ITSI, Simplified Alert Onboarding helps ITOps teams to easily get started with Event Analytics through an assisted workflow. It’s easy to ingest and transform alerts from Splunk & popular 3rd-party tools (like Nagios, SolarWinds, and Microsoft SCOM) with pre-built templates, automated, state-aware event correlations, including:  Webhook integrations to send alert data & run alert actions between ITSI & 3rd-party integrations. The bidirectional Jira Cloud integration to send ITSI alerts to Jira. Event integration with Splunk Observability Cloud for more business service context and faster root cause analysis.      Respond Faster Across Databases, Apps, Infra, and Security  Modern IT environments comprising hybrid cloud architectures, distributed applications, and global databases have grown increasingly complex to manage. To address these challenges, Splunk with Cisco bring together new integrations, enabling more complete business visibility and faster remediation across our portfolio than ever before:  AppDynamics Add-on and dedicated AppDynamics content pack (soon to be released) - the integration of AppDynamics with Splunk ITSI helps enhance visibility and dynamically correlate applications and infrastructure with databases so you can quickly find problems and troubleshoot in-context. Read more details here, and access it directly on Splunkbase. AppDynamics Secure Application & Splunk Enterprise Security Integration - The new integration between AppDynamics’ Secure Application and Splunk Enterprise Security unifies visibility across ITOps and Security teams. By sending application attack data from Secure Application to the Splunk platform, teams can alert security analysts, accelerate application security investigation workflows, and quickly resolve issues. For Splunk customers who want access to early insights or want to try some of these upcoming releases, sign up here and provide us valuable feedback. ... View more

With rapid advancements in AI, digital resilience is no longer optional. AI-driven innovation is reshaping data centers, workplaces, and beyond - and businesses must adapt to ensure continuity and unlock innovation. That's why leading organizations trust Splunk’s unified security and observability platform to keep their digital systems secure and reliable. By combining new purpose-built threat analytics, advanced AI in observability, data management & federation, and new integrations with Cisco, Splunk provides a foundation for organizations to scale with the future of AI and the demands of tomorrow’s digital landscape. New AI and Integrations for Faster, Smarter Troubleshooting ITOps and engineering teams are under more pressure than ever to perform. The adoption of hybrid and multi-cloud infrastructures, integration of AI, and high demand for resilient digital experiences have made IT environments more dynamic, and complex. To keep pace, organizations need more effective ways to simplify troubleshooting, respond faster and solve problems. Splunk with Cisco makes this easier, by bringing teams together with shared data, context, and workflows to fix problems fast, ensure reliability of digital systems and deliver exceptional customer experiences. At Cisco Live EMEA, Splunk Observability will showcase the following innovations:  AI Assistant in Observability Cloud Splunk’s new AI Assistant in Observability Cloud, powered by agentic AI technology, is ready to help answer questions about your cloud application and infrastructure . Type in your prompts and the AI Assistant will analyze your logs, metrics, and trace data in seconds, surface key insights about potential root causes or performing gaps, and provide suggested actions to troubleshoot IT incidents. This AI Assistant is available in select realms in the US, Australia, and Europe. Get more details here, and check out how you can use the AI Assistant to debug problems in Kubernetes more quickly. ITSI 4.20 - Drift Detection  Drift Detection in Splunk ITSI helps catch sudden changes in KPIs before they are impacted and proactively determine slow, long-trending changes (like slowly increasing latency over months) that potentially indicate an issue, so it can be remediated before problems arise. Read more here. ITSI 4.20 Simplified Alert Onboarding  Soon to be released, Simplified Alert Onboarding in Splunk ITSI helps ITOps teams easily get started with Event Analytics through an assisted workflow. It’s easy to ingest and transform alerts from Splunk & popular 3rd-party tools (like Nagios, SolarWinds, and Microsoft SCOM) with pre-built templates, automated, state-aware event correlations, and more. AppDynamics Add-on and dedicated AppDynamics content pack Soon to be released, ITSI’s new AppDynamics Add-on and dedicated content pack enhances visibility and helps teams quickly find problems and troubleshoot in-context, by integrating AppDynamics with ITSI to dynamically correlate applications and infrastructure data with databases. AppDynamics Secure Application and Splunk Enterprise Security The new integration between AppDynamics’ Secure Application and Splunk Enterprise Security unifies visibility across ITOps and Security teams. By sending application attack data from Secure Application to the Splunk platform, teams can alert security analysts, accelerate application security investigation workflows, and quickly resolve issues. Powering the SOC of the Future with Splunk Security  Splunk Security delivers unified threat detection, investigation, and response (TDIR) to power the SOC of the future for greater digital resilience. Together with Cisco, our game-changing security solutions protect an organization's entire digital footprint from modern cyber threats at machine scale, using unprecedented depth and breadth of data across Splunk and Cisco to solve the security data problem.   At Cisco Live EMEA, Splunk Security will showcase the following innovations: Empowering Threat Detection through Cisco Talos integration with Splunk Enterprise Security and Splunk SOAR Now, Splunk Security cloud customers can directly leverage Cisco Talos’ threat intelligence through Cisco Talos Intelligence for Enterprise Security, the Cisco Talos Intelligence connector for Splunk SOAR, and as a globally enabled feature in Splunk Attack Analyzer — at no additional cost. With these integrations, customers can power the SOC of the future with robust intelligence to swiftly identify and mitigate risks. Boosting Analyst Efficiency with the AI Assistant in Enterprise Security (Preview) The AI Assistant in Enterprise Security (Preview) will allow security analysts to boost their efficiency and answer questions to guide daily workflows, save time while addressing threats more rapidly, and use natural language queries to get answers during investigations. Unifying TDIR Workflows with Splunk Enterprise Security 8.0 The introduction of Splunk Enterprise Security 8.0 brought in the SIEM of the future. Now, SOC teams can handle full TDIR workflows from start to finish,​ deploy automation with native Splunk SOAR integration and enhance detection engineering capabilities, all within Splunk Enterprise Security. For Splunk customers who want access to early insights or want to try some of these upcoming releases, sign up here and provide us valuable feedback.   ... View more

Welcome to the second segment of our guide. In Part 1, we covered the essentials of getting started with ITSI and how to address key IT challenges. Here in Part 2, we will share insight and recommendations on how to advance your usage, optimization, and ways to leverage additional tooling.  Strategies to Enhance Performance In order to take performance a step further, it's essential to implement techniques that take advantage of customization, optimization, and predictability. Maturing the use of these capabilities will help you fine-tune your ITSI setup to more closely match your organization’s specific needs:  Utilize Custom KPIs: Tailor ITSI to your organization's needs by creating and implementing custom KPIs. For instance, a financial services company could monitor the latency of critical transaction processing systems, or business stakeholders at a hospital could monitor ambulance availability. By leveraging custom KPIs, organizations can gain insights beyond revenue and drive higher value decision-making across various functions. In addition, see best practices for using metrics to create KPIs. Mature Your Alerting Strategies: Learn how to set up multi-KPI alerts for changes in service KPIs and be sure that you are notified of critical events without being overwhelmed by noise.  Know Adaptive Thresholding Configuration: Setup Adaptive Thresholding by creating adaptive KPI thresholds and watching a simple step-by-step thresholding process. Next, make sure to monitor and optimize the health of your ITSI environment by taking advantage of ITSI’s Configuration Assistant. This feature will help identify configuration issues for your services, KPIs, entities, and at a glance resolve issues, and apply changes to your objects in bulk. Once setup, review our best practices and take your optimization further by utilizing the ‘ML-Assisted Adaptive Thresholding’ feature. Powered by Splunk AI, ML-Assisted Adaptive Thresholding provides automated adaptive threshold configuration recommendations.   Optimize Entity Rules: Streamline your ITSI setup by learning how to define and manage entity rules for maximum efficiency and accuracy. Deploy Predictive Analytics: Start Implementing predictive analytics (at the right time) to anticipate issues before they impact services.  Enhance Incident Response: Refine correlation rules that reduce noise and focus on actionable events. Explore detailed methods for optimizing the rules and additional guidance on configuring the Notable Event Aggregation Policy so it can further manage event noise. Already ahead of the curve and interested to know what’s new to help fine-tune your setup? The new pre-checks in the recently released ITSI 4.19 Upgrade Readiness Dashboard now help identify actionable insights, such as entities associated with deleted or non-existent services, and issues with entity filtering to ensure a smooth upgrade process.   Maintenance and Optimization Setting the foundation for continuous improvement starts with setting up ways to maintain and optimize your deployment. Updating your growing IT environment, regular performance tuning and best practice workflows will help keep your ITSI setup adaptable to the evolving needs of your business. Follow the embedded links in each: Update Environment Changes: Regularly review and update your ITSI setup to reflect your evolving IT environment, and learn how to conduct a comprehensive review. Remember to go back to Splunkbase to reference other preconfigured IT use cases directly to be used within ITSI. Leverage those prepackaged ITSI for new monitoring use cases in your growing environment.  Maintain Adaptive Thresholds: Ensure thresholds applied to service KPIs represent good service function and can address issues before they escalate. Use Best Practice Workflows: Follow best-practice workflows from identification to remediation.  Harness Machine Learning: Leverage the power of machine-learning to uncover hidden patterns and trends in your IT data by discovering ways to train and deploy ML-models in ITSI. Integrate Other Splunk Products Integrating Splunk ITSI to take advantage of other Splunk products doesn’t have to be challenging. Take the next step in creating a more unified and resilient IT environment by leveraging these must-have integration recommendations:  Critical Notifications: Integrate with your preferred incident response tool, like Splunk On-Call, to ensure actionable episodes reach the right teams quickly.  Precise Business Transactions: Utilize APM Business Workflows in ITSI for automatic service creation using service topologies.  Application Alerts: Take advantage of the ITSI integration with AppDynamics to help accelerate your onboarding of application availability, performance, end user experience, health rule violations, and events data. Use this to deep-link into AppDynamics applications from within an ITSI entity or ITSI event. Another must-have is being able to send alerts from Observability Cloud to an ITSI event index. Secure Visibility: Enhance collaboration between NOC and SOC teams by sharing data between Splunk ITSI and Splunk Enterprise Security.  Curious how other customers are safeguarding their data? The ITSI backup and restore process enhancements in the 4.19 release allow users to protect critical data and ensure the continuity of their services by viewing any missing dependent objects in backup files and preventing restore job failures. Conclusion As we conclude our exploration of advanced strategies, maintenance practices, and integration opportunities for Splunk ITSI, it's clear that optimizing your IT operations is an ongoing journey. By implementing these advanced techniques, regularly maintaining your ITSI environment, and integrating other powerful Splunk products, you can ensure that your IT infrastructure remains robust, efficient, and aligned with business goals. Stay connected with our community and resources for continuous learning and support, and keep pushing the boundaries of what your ITSI deployment can achieve. Thank you for joining us in this series, and we look forward to seeing the remarkable outcomes your organization will achieve with Splunk ITSI. Try Our Latest Innovations To learn more about simulating your services and their health scores, read our Service Sandbox documentation.  To learn more about our one-stop-shop for bulk configuration updates for KPIs with the ITSI Configuration Assistant, read more here.  To identify the origin of problems and reduce manual investigations, read more about ITSI’s Service Impact Analysis here.  Read about our other features in Preview and release notes here.  ... View more

As modern IT environments continue to grow in complexity and speed, the ability to efficiently manage and optimize diverse systems has become a business requirement. Splunk IT Service Intelligence (ITSI) is an AIOps, analytics, and IT management solution that provides visibility to optimize IT performance and help predict incidents before they impact customers. This blog post provides a guide for adopting, implementing, and maximizing the potential of Splunk ITSI. Getting Started with ITSI With a highly extensible solution like ITSI, it can be challenging to determine the efforts that bring the fastest and most effective time to value. To help you navigate this process, here are some tips and best practices to help make the most of your deployment: Explore the Getting Started Guide: If you are in the initial stages of implementing ITSI, our getting started guide provides a comprehensive overview of the initial steps. Adopt ITSI Capabilities Strategically: Prioritize which capabilities to implement based on your organizational needs by reviewing ITSI’s strategic adoption guide.  Optimize Operations for End-User Experience: To ensure the best operational outcomes and end-user experiences, refer to our definitive guide to best practices. Gain Visibility into Third-Party APM Solutions: Utilize our APM solution content pack to enhance visibility for ITOps, Executives, DevOps, and DevSecOps. Curious about recently released features that make getting started easier?  Check out a new and easy to use feature called Service Sandbox (GA) inside ITSI’s 4.19 release. With drag and drop abilities now in the UI, users can map and simulate services, service health scores, and identify potential errors before production for even faster service decomposition.   How to Address Key IT Challenges Today's IT environments are complex and dynamic, presenting numerous challenges that require flexible solutions. Splunk ITSI is designed to address these challenges head-on, providing visibility, intelligent correlation and predictive analytics to deliver smooth and efficient operations. Below, we highlight three critical challenges and reference technical guidance on ways that ITSI helps:  Overwhelming Alert Noise: One of the most significant challenges in modern IT operations is the lack of visibility into the health, dependencies, performance, and impact of IT assets. When teams can’t make sense of their environment, they can’t find and fix issues and spend their time jumping between tools. This becomes even more challenging when the accumulation of tools, siloed teams, and data create an overflow of alerts (many of which are duplicate), and makes it extremely difficult to understand signals in the noise. This results in frustrated teams, lost revenue, and higher costs.  Recommendations: Start reducing alert noise by understanding Splunk’s approach to Event Analytics. From there, see how to process notable events so they can be grouped into meaningful Splunk ITSI episodes. Want more help identifying the alerts or groups of alerts that appear to be unusual compared to what you normally see? Read about approaches you can use to help identify the “unknown unknown” in your alert storms.  Lack of Visibility and Business Context: Connecting the visibility of IT and business stakeholders is crucial in order to align them on the same objectives. Without a centralized location to see all the data, teams spend time trying to surface relationships between applications and infrastructure, how these relationships affect services, and how all of this impacts the business. Piecing the alignment together in complex and dynamic environments makes it challenging for teams to understand the severity of incidents and prioritize issues based on their business impact.  Recommendations: See how to analyze IT service health with advanced tools and dashboards that provide detailed insights into the health and performance of your IT services. Review how executive glass tables offer high-level visibility into critical services, and help to modernize IT operations by aligning them with business goals. Understand how the dashboards provide a clear visual of how IT and engineering impacts business functions, and foster faster identification and prioritization of incidents that impact the bottom line. You can check out more glass table examples here. As a next step, take a look at step-by-step guidance on how to troubleshoot service problems. Unpredictable Incidents and Downtime: Unplanned incidents and downtime can severely disrupt business operations. These issues often lead to decreased productivity, lost revenue, and can directly impact a company’s brand and reputation. To overcome this, IT operations and engineering teams must look for ways to forecast performance and anticipate issues before they impact the business or worse, customers. Recommendations: Splunk ITSI can provide early warning signs of potential incidents, guide teams to take preemptive action, and even automate runbooks. Watch how to proactively prevent incidents and predict outages up to 30 minutes before they happen.  Curious about what’s new in ITSI to help prioritize and respond to key challenges?    Significantly enhance your ability to manage and resolve incidents with ITSI’s new Service Impact Analysis (GA) from the 4.19 release. Now identify the origin of problems for any degraded service and rank the top contributors (e.g., KPIs) by priority to reduce manual investigations and provide a quick starting point for troubleshooting.   Stories You Can Replicate  Learning about how others have implemented ITSI to exceed their goals can provide valuable insight and inspiration for your own deployment. Below are noteworthy examples of how others have achieved significant operational improvements and what it meant for their business:  By implementing ITSI, Leidos reduced event noise by 95-99%, scaling down from 3,500-5,000 to just 50-200 actionable events. This telecom giant drastically reduced incidents across more than 5,000 network exchanges by 90% and increased their customer NPS score by 22 points. Conclusion Ahead of Part 2 of this blog, you should now understand how to get started, prioritize and extract the most value for your time, and know what best practices align with your organization’s mission. To make the most of your discoveries, we invite you to explore ITSI’s comprehensive training resources and join our vibrant user community. Look for Part 2 of this guide to learn about more advanced use cases, optimization, and ways to leverage additional tooling. ... View more

Accelerate Service Onboarding, Decomposition, Troubleshooting - and more!  Faster Time to Value Managing and aligning complex IT services can be challenging, but with Service Sandbox (GA) in ITSI 4.19, it's never been easier. With drag and drop abilities to map services in the UI, users can oversee and coordinate a wide range of services for even faster service decomposition. Whether you’re new to Splunk ITSI or building out services for a new business unit, the in-product UI experience of ITSI Service sandbox allows you to create multiple sandboxes for each of your teams, simulate your services and their health scores, and identify potential errors before publishing to Service analyzer.   Experience simplified alert onboarding for Event Analytics (in Private Preview) with an assisted workflow. With seamless event data integration from Splunk Observability Cloud and the ability to normalize and enrich alert data from a unified UI, users can easily ingest alerts from popular 3rd party tools (like Nagios, Solarwinds, and Microsoft SCOM) with automated, state-aware event correlations. Additionally users can now:  Leverage Webhook integrations to send alert data and run alert actions between ITSI and third-party integrations. For more information, see Integrate ITSI with a webhook. Export episodes and download as CSV. For more information, see Download episodes in ITSI. Utilize the bidirectional Jira Cloud integration to send ITSI alerts to Jira. Leverage the ITSI Configuration Assistant (now GA) to proactively surface insights in the health of ITSI objects (KPIs, Services, Entities) and configurations (starting with KPI thresholds). Receive recommendations on next steps to remediation in a one-stop-shop and for bulk configuration updates for KPIs.  Greater Accuracy Entity Normalization (in Private Preview) is prepared to help users create a unified and consistent view of entities from multiple sources by enhancing your hostname based entity reconciliation, regardless of datasource and support for data enrichment.  Prepare your customers for new KPI Drift Detection (in Private Preview) - Catch sudden changes in KPIs before they are impacted and proactively determine slow, long-trending changes (like slowly increasing latency over months) that potentially indicate an issue so that they can be remediated before problems arise. In 4.19, ITSI’s Event Analytics Scalability and Stability (in Private Preview) has punched above its weight yet again to enable customers to ingest and process a higher number of notable events with lower latency. This robust enhancement delivers an event pipeline at high scale and high availability (rules engine) to handle indexer topology changes, and decreased rules engine latency from multiple minutes down to seconds.  This extension of 4.18’s ML-Assisted Thresholding accelerates troubleshooting with advanced anomaly detection and Mobile Crash Analytics for Entity-level Adaptive Thresholding (in Private Preview). Additionally, this comes fully correlated with Full-fidelity Session and Trace Analytics.  Enhanced Service Troubleshooting Identify the origin of problems for any degraded service and rank the top contributors (e.g. KPIs) by priority with Service Impact Analysis (now GA), reducing manual investigations and providing a quick starting point for troubleshooting.  Improved Upgrade & Backup + Restore Experience Now when running a pre-check on the ITSI 4.19 Upgrade Readiness Dashboard, users can identify more actionable insights at a glance. These new pre-checks help identify entities associated with deleted or non-existent services, issues with entity filtering, and when the number of KPIs using a specific search base exceeds a limit. With ITSI backup and restore process enhancements, users can now protect critical data and ensure the continuity of their services. Streamline recovery processes when creating restore jobs by viewing any missing dependent objects in backup files and preventing restore job failures.  Try it Today To learn more about simulating your services and their health scores, read our Service Sandbox documentation.  To learn more about our one-stop-shop for bulk configuration updates for KPIs with the ITSI Configuration Assistant, read more here.  To identify the origin of problems and reduce manual investigations, read more about ITSI’s Service Impact Analysis here.  Read about our other features in Preview and release notes here. ... View more

Automatically detect how metrics across services impact resources and users New APM Detectors help engineering teams simplify alert creation and effectively detect abnormalities in traffic patterns. In one step Splunk APM users can create detectors within the context of familiar capabilities like service map, tag spotlight, and APM’s landing page. Additionally, teams can now create detectors based on request rate to understand abnormalities in traffic patterns. Instantly simplify & automate browser test creation The new Synthetic Monitoring Chrome Scripts Importer captures precise user actions and complex user flows across multiple pages to replicate interactions and generate test scripts that cover various scenarios and user journeys. By simplifying and automating browser test creation, engineering teams can ensure tests resemble actual user experiences and gain a more reliable understanding of functionality and performance.  Easily reconstruct end-user actions and behavior  RUM Session Replay allows users access to video reconstructions that showcases end-user actions and behavior of a web application. By quickly being able to reproduce issues with detail-rich performance metrics and a waterfall view of the user session, users will be able to better understand their customer’s journey so they can debug issues faster and reduce MTTR in-context. Try it Today To learn more about generating tests, read our Chrome Scripts Importer documentation.  To learn more about controlling service data OOTB, read more here.  For insight into accessing video reconstructions of your user experience, read the documentation here.  ... View more

Fine Tune Browser Tests for Optimized Experiences Wait Times in Synthetic Monitoring improves the accuracy of browser tests by enabling users to fine tune the wait time between tests. By adding a custom wait time step (up to 200 seconds), customers can capture longer load times, optimize test coverage to avoid load time failures, and achieve more accurate test results that enhance end-user experiences. Synthetics in EU0 Splunk Synthetic Monitoring has officially expanded regional availability to Europe (EU0).  Try it Today To learn more about Wait Times for front-end browser testing, see the documentation.  ... View more

Understand Throttled Data & Test Faster Than Ever Before Optimizing your user experience has never been easier! Splunk’s latest release brings new capabilities to help IT and engineering teams build, test, and troubleshoot faster in their complex hybrid and multi-cloud environments. With the new Try Now feature within Splunk Synthetic Monitoring and Detector enhancements for Splunk APM’s Autodetect, users can quickly create synthetic tests to catch performance problems earlier in development pipelines and understand when service spikes lead to throttled trace data. Here’s a summary of what’s new and how to get started:  Shorten the setup time for synthetic tests Newly packaged inside Splunk Synthetic Monitoring, the Try Now capability enables users to easily verify that each step of their synthetic test is working without losing progress to check functionality. By checking the performance and availability of critical end-user journeys in the absence of real user traffic with in-context verification, users can execute function tests faster without losing progress, detecting and resolving issues before customers are impacted.  Measure and control service data more efficiently With the latest detector enhancements, APM’s Autodetect now helps engineering teams more effectively measure and control their service data. Teams can detect when APM starts to throttle their trace data, correlate which events from their environment were the reason (such as workload increases or new releases), and identify the exact source that is being throttled.  Try it Today To learn more about testing on the go, read our Try Now documentation. To learn more about using and customizing autodetect alerts, see our APM Autodetect documentation. — Connor Tye, Product Marketing Manager, Observability  ... View more