Automated Archiving is a new capability within the Metrics Management experience which automates the routing and storing of metrics data into an low-cost storage

We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is currently in preview for the Splunk Observability portfolio.  These new innovations to Splunk Observability Cloud are designed to help ITOps and engineering teams better standardize observability practices across teams and optimize their observability costs. The below features, with the exception of the Q-Release (scheduled to go live as part of the Splunk Cloud Platform launch on July 28, 2025), are now generally available to customers as of July 22, 2025.

Run powerful security analytics across Splunk and Amazon Security Lake without rehydrating or moving data. Learn how Splunk Federated Analytics enables faster, cheaper, and smarter threat detection.

In our first installment of this blog series, we introduced the exciting compliance and security enhancements coming to the next Splunk platform version, Splunk Enterprise 10.0 and Splunk Cloud Platform 10.0. Use this series as your go-to resource for key updates, benefits, and preparations for Splunk administrators and developers alike. Today, we continue the journey by diving into upgrade readiness and additional potentially breaking changes, equipping you with the insights you need for a seamless transition.

We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is currently in preview for the Splunk Observability portfolio.  These new innovations to Splunk Observability Cloud are designed to help ITOps and engineering teams better standardize observability practices across teams, improve end-user experiences, optimize cloud monitoring and debug problems faster in microservice-based applications. The features in this article are now generally available to customers as of June 24, 2025.

We are pleased to announce the general availability of Splunk Enterprise Security 8.1. Splunk becomes the only vendor to bring truly unified threat detection, investigation, and response (TDIR) workflows fueled by automation to both customer managed deplo

Ensure your Splunk apps are ready for the future! The Splunk Enterprise 10 is here. Don't let your users be left behind.

This month, we’re delivering several new innovations in Splunk Observability Cloud and Splunk AppDynamics (25.4 release) to help improve ITOps and engineering teams' ability to detect and resolve business-impacting incidents faster with less toil. 

Splunk Observability Cloud’s latest updates deliver powerful upgrades for engineers running modern, cloud-native apps—improving Kubernetes troubleshooting, JavaScript and mobile crash visibility, and log-in-context search. We have also introduced our first major integration between Splunk Observability with ThousandEyes to help accelerate mean time to innocence (MTTI) between teams and enhance collaborative troubleshooting.

Splunk AppDynamics continues to deliver innovations that help ITOps teams find issues faster, cut through alert noise, and stay in control of their n-tier apps and infrastructure.  This month’s innovations bring smarter search, flexible tagging, and enhanced AI-driven insights across hybrid and on-prem environments.

The new and improved Performance Insights for Splunk, a tool for your infrastructure performance monitoring tool belt, gives a correlated view across usage patterns, resources, and system elements, allowing you to optimize your system and ensure you are getting the best value from it.

This article describes when the Splunk App for Anomaly Detection will go End of Life, including steps to be taken if you are using the app today.

We’re excited to announce the launch of a foundational enhancement to Splunkbase: App Tiering.

Now you can filter apps by author type—Splunk, Cisco, Partners, or Community—making it faster to find trusted solutions that fit your needs.

In April, the Splunk Threat Research Team had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app (v5.3.0 and v5.4.0). With these releases, there are 42 new analytics and 14 new analytic stories now available in Splunk Enterprise Security via the ESCU application update process.

We at Splunk are excited to kick off a new series of blogs dedicated to helping you understand the compliance landscape and new feature opportunities in the next platform upgrade for Splunk Enterprise and Splunk Cloud Platform. Each edition will provide essential updates for Splunk administrators and application developers, focusing on key benefits and modernizations. Think of this series as a one-stop-shop and look back on new announcements and required actions to prepare your environment and applications for the next upgrade. 

This month, we’re delivering several platform, infrastructure, application and digital experience monitoring enhancements across Splunk Observability Cloud to help engineering teams gain earlier detection and faster investigation of business-impacting issues.   

Today, we are excited to announce that you can now see everything related to your team directly on your homepage. Easily see your Splunk APM services, dashboards, top alerts, and team members of every team you’re part of, and join teams directly on the homepage.

You asked, and we delivered! SPL just got easier with the latest release of the Splunk AI Assistant for SPL app 1.1.0, offering general availability of a new personalization feature. The AI Assistant now understands your environment, generating more accurate SPL from natural language prompts. Check out what’s new in v1.1.0 and learn how to get started today.

In March, the Splunk Threat Research Team had two releases of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

Celebrate the beta launch of the Splunk Developer Program by joining the Splunk Build-a-thon! Explore the four exciting tracks: App Development, Add-on Integration, Data Management, and AI/ML. Build innovative solutions using Splunk’s developer tools and compete for prizes including .conf25 passes, Splunk EDU credits, and Cisco Store gift cards

Ready to unlock the power of AI in Splunk? The AI Adoption Hub was built for practitioners who want to learn about and get started with AI at Splunk. It’s packed with expert-curated resources and insights to help you harness AI’s power to improve digital resilience. Check it out!

Check out the latest and greatest from Splunk Observability Cloud - from APM to log enhancements, we've released new features and capabilities to help you find and fix issues faster in your environment

Explore what's new in Splunk Cloud Platform 9.3.2411. Learn how this latest release continues to boost resilience, expand visibility, and maximize data value.

We’ve identified and fixed an issue which affected detector alerts in Splunk Synthetic Monitoring. All Synthetic Detectors will be restarted and users may receive a notification indicating that a prior detector has stopped. Incoming data from this restart may also trigger a new alert. 

Splunk is excited to announce new innovations  that help simplify complex operations, enhance performance, and leverage AI to bring together proactive insights, assisted workflows, and much more. 

Effective June 5, 2025,  Splunk will change the default regex library from RE2 to PCRE2 for Edge Processor and Ingest Processor. Leverage the migration path to test existing pipelines today.

Bringing you an awesome opportunity to take your data management and SPL2 skills to the next level! Join us for a 3-part technical workshop series happening from February-March. Harness the power of SPL2 to transform and route data with Edge Processor and Ingest Processor. Then, learn how to leverage SPL2 to build apps that extend the capabilities of the Splunk platform.

In January, the Splunk Threat Research Team had one release of new security content via the Splunk ES Content Update (ESCU) app. In addition to new security content, this release introduces ESCU 5.0, which delivers several new exciting enhancements designed to help further security operations. Check out this post for more details!

This month’s releases across the Splunk Observability portfolio deliver earlier detection and faster investigation of business-impacting issues powered by AI, even more options for comprehensive visibility, improved alert noise control to help users prioritize the issues that matter, and faster, more intuitive onboarding to speed time to value.

A few months ago, we released Splunk Enterprise Security 8.0 for our cloud customers. Today, we are excited to announce that Splunk Enterprise Security 8.0 is available now for our on-premise customers!

Access to Splunk Observability Kubernetes “Classic Navigator” UI will no longer be available starting January 30, 2025. Read on for more details.

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk Enterprise Security, Splunk SOAR, and Splunk Attack Analyzer. We know just how eager the community has been to see these integrations come to fruition, so we’re thrilled to share that all of the integrations are live for Splunk Security (cloud) customers.