Sold by: Splunk
Deployed on AWS
Splunk Observability Cloud is the only fully integrated, turn-key solution for DevOps teams to conquer the complexity caused by modern applications and infrastructure. It powers high performing applications to deliver world-class customer experiences by eliminating operational blindspots. You can quickly find, analyze and resolve incidents anywhere in your stack with all the answers in one place. Unlike other vendors, with Splunk Observability Cloud you only need to instrument once with OpenTelemetry to get unified metrics, traces and logs collected in real-time, without sampling for full-stack, end-to-end visibility. AI-driven pattern detection proactively identifies and alerts on issues in seconds, drastically lowering MTTR. One tightly integrated modern UI powered by the most advanced capabilities means reduced tool sprawl, centralized management, cost control, and one seamless and streamlined workflow for monitoring, troubleshooting, investigation and resolution.
4.2
Overview
Splunk Observability Cloud is the only fully integrated, turn-key solution of all the tools DevOps teams need to monitor any stack at any scale. One seamless UI provides end-to-end visibility, context rich workflows and lets you drill down to root cause in seconds.
Splunk Observability Cloud includes:
Infrastructure Monitoring - Splunk Cloud Infrastructure Monitoring provides DevOps, CloudOps, and SRE teams with real-time, full-stack visibility across all layers of their environment. With hundreds of out-of-the-box integrations, streaming analytics, pre-built dashboards, intelligent problem detection, programmability, and Service Bureau capabilities, Splunk Infrastructure Monitoring provides the fastest, most flexible visualization and accurate alerting for enterprise DevOps teams to meet or exceed Service Level Objectives (SLOs) by quickly detecting, triaging and resolving performance issues.
Synthetic Monitoring - Splunk Synthetic Monitoring helps teams proactively eliminate customer-facing issues and optimize web and API performance to deliver better digital experiences. Our solution goes beyond basic uptime monitoring and incorporates filmstrips and screen recordings of user experience, OOTB benchmarks and customizable performance metrics, and seamless connectivity to a suite of observability solutions to help teams quickly understand and prioritize performance defects wherever they originate, and collaborate to quickly resolve these issues to deliver digital experiences that delight customers.
APM (incl. Always On Profiling) - Splunk APM is the industry's most advanced Observability solution to troubleshoot issues and optimize performance for modern applications. It includes:
100% data capture: Never miss an issue or anomaly across in your code or traces with Full-Fidelity, NoSample data capture to ingest and contextualize all your telemetry data, and code profiling to identify performance bottlenecks Directed troubleshooting: easily identify, scope, and resolve issues with guided troubleshooting that automatically correlates and contextualizes system performance to find root cause faster OpenTelemetry standardization: engineering teams receive flexible instrumentation to build and measure data from new code in services, with no proprietary vendor lock in
Real User Monitoring - Splunk RUM connects ALL front-end traces with their backend tracing, providing unmatched visibility that enables DevOps teams to understand exactly how their backend services impact user experience, thereby simplifying troubleshooting and resource allocation. With streaming analytics, SREs and developers are alerted within seconds of any user issue, and powerful AI capabilities coupled with high cardinality analysis enable them to bring the issue to speedy resolution. OpenTelemtry-based instrumentation provides maximum flexibility and ensures customers are never locked in.
Log Observer Connect - Consolidate your tools by unifying the logs from Splunk Enterprise and Splunk Cloud, with our best-in-class metrics and traces. Log Observer Connect lets observability users explore the data you're already sending to your existing Splunk instances with Splunk Log Observer's intuitive no-code interface for faster troubleshooting, root-cause analysis and better cross-team collaboration.
Splunk Observability Cloud suite starts at $15 per host, per month, billed annually. Minimum host quantities pricing apply.
Highlights
- Full-stack, end-to-end visibility: with a tightly integrated modern UI and seamless, context- rich workflows for full stack monitoring, troubleshooting and investigation of the unknown unknowns. Splunk Splunk Observability Cloud lets you drill down to root cause in seconds. You can easily integrate your existing monitoring tools to bring full context to alerts behind every incident.
- NoSample™ full fidelity tracing: no more dead end investigations using a NoSample™ full fidelity approach to capture and visualize all data, in context, making sure no anomalies get missed. Find the backend root cause of any front-end issue. When troubleshooting backend issues, full fidelity tracing helps finding any issue, even those that do not result in system errors, and issues that no one anticipated.
- Monitor any stack at any scale: Great for on-prem, hybrid and multicloud environments. Splunk Observability Cloud is a future-proof observability investment with a solution that will scale with customers and can meet the needs of any cloud-native environment, no matter how large (up to petabytes of ingest per day) or how complex (multiple cloud environments all integrated into one system of record), without compromising performance.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
OBSCloud: Infrastructure | Real-time visibility for infrastructure health. 200 hosts included | $36,000.00 |
OBSCloud: App & Infra | All the data you need to adopt microservices. 100 hosts included | $72,000.00 |
OBSCloud: End-to-End | Troubleshoot O11y with ease to create the best UX. 100 hosts included | $90,000.00 |
Vendor refund policy
All purchases are final, no returns or refunds.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
Splunk offers a variety of support options to help ensure your success. support@splunk.com
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
Top
10
In Data Anonymization, Data Security and Governance
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Full-Fidelity Data Capture
NoSample full fidelity tracing approach that captures and visualizes all telemetry data without sampling, ensuring no anomalies are missed across metrics, traces, and logs.
OpenTelemetry-Based Instrumentation
Standardized instrumentation using OpenTelemetry framework for flexible data collection from services and applications without vendor lock-in.
AI-Driven Anomaly Detection
Machine learning-powered pattern detection that proactively identifies and alerts on performance issues and anomalies within seconds to reduce mean time to resolution.
Integrated Monitoring Capabilities
Unified platform combining infrastructure monitoring, synthetic monitoring, application performance monitoring with always-on profiling, real user monitoring, and log analysis in a single interface.
Multi-Environment Scalability
Support for on-premises, hybrid, and multi-cloud environments with capability to handle petabytes of data ingestion per day across complex distributed architectures.
Real-time Data Collection and Indexing
Collects and indexes machine-generated data from virtually any source or location in real time with automatic indexing upon data ingestion.
Complex Event Correlation
Correlates complex events spanning multiple diverse data sources using time-based correlations, transaction-based correlations, sub-searches, lookups, and joins.
Scalable Data Processing
Scales to collect and index tens of terabytes of data per day with distributed computing architecture.
High Availability Clustering
Provides clustering technology for availability and fault tolerance across distributed computing environments.
Machine Data Search and Analysis
Enables searching, analyzing, and visualization of machine data generated by IT systems and technology infrastructure across physical, virtual, and cloud environments.
Data Routing and Destination Management
Routes data to multiple destinations with capability to deliver specific data to targeted tools while archiving full fidelity data to cost-effective storage
Data Optimization and Reduction
Reduces data streams by up to 50% through removal of unused log and metric data
Event Processing and Transformation
Processes event data through centralized parsing with capabilities to route, optimize, reformat, and enrich data in flight
Role-Based Access Control
Implements role-based access control with support for external authentication via LDAP, Splunk, and OpenID Connect identity providers
Real-Time Monitoring and Configuration
Provides GUI-based configuration and testing interface with live data capture and real-time observability pipeline monitoring
Standard contract
No
No
Customer reviews
Nishith Joshi
Real-time monitoring has improved performance tracking and has simplified analyzing complex metrics
Reviewed on Mar 30, 2026
Review from a verified AWS customer
What is our primary use case?
I work in data analytics with experience in monitoring systems and working with large-scale data. I have used Splunk Observability Cloud in the context of real-time monitoring and performance tracking.
Splunk Observability Cloud works well alongside Splunk Enterprise for logs and integrates with cloud platforms and monitoring tools. It is often used together with other observability solutions. The tracking metrics such as latency, error, and throughput are easily visible. I can also build dashboards for real-time visibility.
We use Splunk Observability Cloud to track latency metrics and identify where slowdowns are happening. We have visualized response time trends and quickly detected performance degradation. We have also used it for infrastructure monitoring. Over the past six months, we have been monitoring metrics such as CPU usage and memory. If there is unusual usage, we identify it quickly using this tool and take action before it impacts our performance.
What is most valuable?
Splunk Observability Cloud has optimized our solutions and helped us understand the metrics. The AI-powered guidance in Splunk Observability Cloud helps us identify patterns and anomalies in system performance data. Instead of manually going through a large volume of metrics, it highlights unusual behavior and potential issues automatically. This makes it easier to detect problems early and understand where to focus, especially in complex systems.
There is definitely log analysis and dashboards. Log monitoring and dashboards have been better using Splunk. Splunk Observability Cloud is the best tool for log monitoring and dashboards. Splunk Observability Cloud feels more focused on real-time metrics and performance tracking compared to some other traditional log-based tools.
What needs improvement?
The learning curve for understanding all features should be improved, and the cost can increase. Splunk Observability Cloud is very costly. Cost is one of the drawbacks.
Sometimes too many alerts, if not configured properly, is a major drawback that could be improved.
The prices are quite high. As I have mentioned earlier, we are Splunk partners, so this has been handled by my other team. However, for other companies and small startups, the prices are very high for them to use Splunk Observability Cloud. Price is a concern.
For how long have I used the solution?
I have been working with Splunk Observability Cloud for the past six to eight months.
What do I think about the scalability of the solution?
We have expanded our team and usage. We are scaling up right now from ten people to twenty-five or thirty. Over time, I expanded my usage by going through basic monitoring and exploring things like setting up custom dashboards. We have gradually expanded our usage from setting up dashboards and alerts.
How are customer service and support?
For customer service, I would rate them eight out of ten because whenever we raise a support case, they are always available for us.
For Splunk real user monitoring, implementation took time because our engineers tried very hard. In case of support, there should be more engineers specifically for this case.
Which solution did I use previously and why did I switch?
We have used different products like Palo Alto and Cribl before moving to Splunk Observability Cloud. As we got a partnership, we have shifted to Splunk Observability Cloud.
What was our ROI?
The information is confidential and I cannot share specific details. However, I can tell you in percentage that fifty to sixty percent of our work has been easy to identify in terms of performance metrics and performance using Splunk Observability Cloud.
It has saved us thirty to forty percent in cost because we used some other tools before that were more costly. As we are Splunk partners, we obtained Splunk Observability Cloud, and our costs have been reduced by thirty to forty percent using this solution.
What other advice do I have?
My overall impression of using Splunk Observability Cloud is that it is a strong tool for real-time monitoring. It does take some time to get fully comfortable with all the features. We have not explored everything right now, but in the future, we are looking forward to using more features.
A part of the implementation has been handled by my other team. I have explored using custom metrics to enrich observability data, mainly by adding application layer or business-related metrics alongside system metrics. I have used custom metrics in a limited way to add more context to monitoring, such as tracking application-specific metrics alongside system data.
Dashboard customization in Splunk Observability Cloud is quite flexible. We care about metrics in different types of visualization, and it helps us organize them in a way that makes sense for monitoring. It allows us to build dashboards tailored to specific use cases. This makes it easier to monitor system performance and quickly identify issues without going through unnecessary data.
The integration in real user monitoring from Splunk Observability Cloud is actually better than from some other tools. If you are looking for the best SIM tool, then Splunk Observability Cloud is for you. If you have funds and capability for the cost, then Splunk Observability Cloud is definitely the best tool you can use.
I have given this review an overall rating of nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Jigar Hirani
End-to-end tracing has improved monitoring and now reduces downtime with proactive alerts
Reviewed on Mar 27, 2026
Review provided by PeerSpot
What is our primary use case?
My experience with Splunk Observability Cloud involves monitoring infrastructure, application performance monitoring, and real-time alerting. Although I am no longer working with Splunk Observability Cloud due to a recent position change that occurred approximately two months ago, I previously monitored servers, containers, Kubernetes , application performance, and Docker images. In terms of monitoring, I tracked response time, error rate, and latency. This capability helped in identifying performance issues or infrastructure issues before users were impacted. For instance, if Kafka failed, we knew about it before users experienced an impact and could resolve it before it caused maximum damage to our systems. I also used dashboards and alerts to monitor critical services and received notifications whenever issues arose.
The features of Splunk Observability Cloud that I found most valuable included application performance monitoring and distributed tracing, particularly when monitoring distributed systems or applications. Real-time alerting and Kubernetes monitoring were essential since Kubernetes is quite complex. I could effectively monitor Kubernetes using Splunk Observability Cloud. Additionally, the Smart Attack Detector, which I tried at the last moment, was a good feature, although I did not work extensively with it. The Log Observer was very fast and reliable, and the dashboards provided good visualization for troubleshooting and monitoring. If there was a network outage, I received notifications very quickly.
What is most valuable?
Splunk Observability Cloud helped me detect performance issues faster and reduce downtime in my organization. Earlier, I had limited visibility into my application performance. After implementing observability, I could see end-to-end transaction tracing and quickly identify where issues arose, which reduced troubleshooting time and improved overall application stability and availability for our customers and systems. This capability also helped in proactive detection.
What needs improvement?
I believe that areas of Splunk Observability Cloud that could be improved include the initial setup and instrumentation costs, which take more time for APM. Some dashboards and detectors require tuning, and I think the visualization needs enhancement. Additionally, alert noise remains an issue, and we need suppressions for when systems go down for short periods. Better integration with third-party tools and easier onboarding of data would also be beneficial.
What do I think about the stability of the solution?
When evaluating the stability and reliability of Splunk Observability Cloud, I can confirm it has been reliable. I would rate it eight out of ten for reliability.
What do I think about the scalability of the solution?
Splunk Observability Cloud scales very well with the growing needs of my organization. I can demonstrate the scalability of our system to our customers, which is advantageous for business. This capability helped us secure business as we provide real insights to customers who were happy to purchase our systems and applications. The ROI has been good for us.
How are customer service and support?
I communicated with the technical support of Splunk Observability Cloud regarding our issues, specifically when I was unable to monitor or set up Kubernetes to monitor our infrastructure. They were able to help us, and we purchased an on-demand call for assistance, which they provided.
How was the initial setup?
I did not participate significantly during the initial setup and deployment of Splunk Observability Cloud, but I was part of the team. I know the process is straightforward. We simply needed to ensure that all data was in the correct format, matched current dashboard setups, and included all necessary fields for insights.
What was our ROI?
My experience with lowering the cost of unplanned digital downtime using Splunk Observability Cloud has been positive, as it helped us significantly. Our system was bottlenecking and consuming excessive resources, but with the ability to detect and resolve that issue, overall system usage was reduced without further bottlenecking.
What's my experience with pricing, setup cost, and licensing?
Regarding metrics or data points confirming performance improvement and resilience, I found that during certain times, we experienced the most significant spike in our systems due to multiple users requesting the same service. We needed to change our overall architecture as we were not scaling adequately, and this was bottlenecking our systems. By observing this from the dashboards, I realized improvements could be made. After implementing the solution, our application's stability improved significantly. I can confidently say our availability improved by forty percent, and downtime was reduced by approximately seventy to eighty percent.
What other advice do I have?
My impression of the No-Sample Tracing feature in Splunk Observability Cloud is that it helped us detect key metrics and real use cases, particularly in tracking and monitoring. I primarily tracked server uptime, application response time, API latency, and similar metrics. Combining these parameters instead of relying on a single factor improved our system. Specifically, I used distributed tracing to understand how requests flowed through our network and how different systems responded, which helped determine if any particular system impacted all our systems.
Regarding the AI-powered analytics and guidance provided by Splunk Observability Cloud, I have not actually used the AI features, particularly with ITSI, as I did not utilize that aspect for observability.
My teams effectively utilized the ability to enrich data with custom metrics in Splunk Observability Cloud. They found valuable insights from our systems and created reports that the application and infrastructure teams used to decide their workarounds and solutions. They developed different solutions, experimenting and improving our systems by relying on observability to understand what happens when we adjust parameters or change configurations.
When evaluating the effectiveness of the out-of-the-box customizable dashboards provided by Splunk Observability Cloud, I note that we mostly used the default dashboards. While we created a custom dashboard to track our overall system flow, we relied on pre-built dashboards for monitoring and representing our business perspective. When we needed to showcase our environment to customers, we demonstrated our scalability and system performance, including response time and downtime, providing insightful details from the dashboards for business use cases.
I would rate Splunk Observability Cloud an eight out of ten, where ten is the best and one is the worst.
RahulMhatre3
Observability has improved anomaly detection and dashboard flexibility but needs simpler licensing
Reviewed on Mar 11, 2026
Review provided by PeerSpot
What is our primary use case?
I work with Splunk Observability Cloud .
What is most valuable?
Splunk Observability Cloud is effective for detecting anomalies and preventing system outages.
There are pre-built dashboards where I can check service centers and monitor spikes in errors and traces. I can also check error logs, and everything is consolidated while providing anomaly alerts in case there is any deviation from the baseline.
The personalized dashboard helps my team. Splunk Observability Cloud has its own query language that can be used to build easy dashboards. Multiple teams can build their own, replicate them, and also have role-based access control, which is beneficial.
The application management feature helps with end-user experiences because front-end monitoring helps track user issues and any back-end issues that may be causing them. It shows how the user experience is overall and identifies any outages. Front-end monitoring is very useful.
What needs improvement?
As an integrator, I think the biggest advantage of Splunk Observability Cloud is because it is part of the Splunk ecosystem, it is good to correlate logs with application data through traces and metrics. Overall, it is an evolving product, not top class, but it is getting there.
I see many good things about the product and many advantages. Regarding the negative side, I think the licensing can be much better because it is based upon host units and there is additional licensing for the number of traces that I can bring in. A simplified licensing model would be much better, similar to what other tools offer. Pricing could be either based upon ingestion or directly based upon host units, rather than multiple different trackers. There are licenses for custom metrics, licenses for the number of traces that I can ingest, and host unit licensing. A better licensing plan would be beneficial.
For how long have I used the solution?
I have been using Splunk Observability Cloud for more than two years.
What do I think about the stability of the solution?
I have not seen any issues with stability. The solution is very stable.
What do I think about the scalability of the solution?
Regarding scalability, I do not think there is an issue with scaling. I have never encountered any issues with that.
How are customer service and support?
Support is good.
Which solution did I use previously and why did I switch?
How was the initial setup?
The installation and deployment process is somewhat challenging, but there are multiple ways of deployment that give me a lot of options. I would say it is acceptable and not that complicated. I can deploy agents with Splunk deployment server, which is beneficial. However, there is some dependency on the deployment server.
What about the implementation team?
As an integrator, I deployed it and made it workable with OpenTelemetry .
What was our ROI?
I am able to observe significant ROI with Splunk Observability Cloud. When I worked with a previous solution, it was one-third of the cost of Dynatrace , so there was definitely an exceptional return on investment. It helped reduce costs by almost 50%.
What's my experience with pricing, setup cost, and licensing?
Which other solutions did I evaluate?
When I compare Splunk Observability Cloud to other vendors, the good part is the branding because the support is good. There is a large community where I can look for known issues. However, experience-wise, DataDog is far more superior and easier to use. DataDog has its own agent for tracing, so I just deploy one trace. With Splunk Observability Cloud, they are dependent upon OpenTelemetry , and there is a learning curve because it is open source. The onboarding is not as smooth as DataDog or Dynatrace.
What other advice do I have?
I deploy both on-cloud and on-premise options for clients. I have deployed Splunk Observability Cloud on Splunk Cloud. I have not used threat detection because there is a separate tool for it. I have not deployed a solution on AWS Cloud or purchased it from AWS Marketplace in my career. I would rate this review 7.5 out of 10.
Ie Ogbonnaya
Monitoring has transformed incident response and cost management while making data fully visible
Reviewed on Mar 11, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Splunk Observability Cloud involves performing visualized performance metrics and tracing capability, making sure that all troubleshooting is faster during incident response. We also integrate it to ensure that every data point and operational data is monitored.
A specific example of how I have used Splunk Observability Cloud in a real situation is that we make use of it to ensure that every operational data point is being monitored, traceable, and visible.
Regarding my main use case for Splunk Observability Cloud, I would add that we really utilize it in the area of cost management, along with the smarter alerting system and the log search performance.
What is most valuable?
The dashboard and lead time metrics from Splunk Observability Cloud really improve our workflow, making every workflow more visible and understandable for our stakeholders as well.
Splunk Observability Cloud has positively impacted my organization. Although we have not noticed any specific outcomes, we really recommend it for handling higher data volumes effectively, especially its scalability, which is suitable for us during enterprise environments, monitoring, and alerting.
The best features that Splunk Observability Cloud offers include APM monitoring, the fast alerting system during incident response, and the dashboard that provides real-time metrics.
What needs improvement?
To improve Splunk Observability Cloud, I wish they could develop more in the area of pricing and cost transparency, provide a smoother learning curve, and enhance the log management experience, ensuring that log navigation is not solely focused on metrics and tracing but also has good search performance to understand larger data sets.
I would also like to see a very good user interface and onboarding experience that is smoother for new users.
Before we wrap up, I want to emphasize the need for improvements in the log search performance and the smarter alerting system.
For how long have I used the solution?
I have been using Splunk Observability Cloud for over a year.
What do I think about the stability of the solution?
In my experience, Splunk Observability Cloud is very stable in the area of real-time monitoring and analytics.
What do I think about the scalability of the solution?
When handling higher data volume and scalability, I can say that we have over 70% efficiency now.
For scalability, I would rate it an eight, as it is very good in responding faster and monitoring larger data sets.
How are customer service and support?
We have great feedback from the customer support of Splunk Observability Cloud, as they help solve and make bug alert management easier, respond quickly to incidents, and monitor data sets effectively.
Which solution did I use previously and why did I switch?
I have not used any different solution before Splunk Observability Cloud.
What was our ROI?
I have seen a return on investment with Splunk Observability Cloud, with current metrics showing over 75% efficiency. It has really helped our workflow, saved time, reduced costs, and also saved employees' time.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, setup cost, and licensing for Splunk Observability Cloud was acceptable at first, though I believe they need to improve more in this area. I would rate it a seven, but overall, the costing and licensing were fine for me.
Which other solutions did I evaluate?
Before choosing Splunk Observability Cloud, I was recommended to it specifically.
What other advice do I have?
Splunk Observability Cloud deserves an eight out of ten rating. I choose an eight because of their fast response and the monitoring of strong infrastructures.
I would advise others looking into using Splunk Observability Cloud because I am a witness to its effectiveness. It is very beneficial for workflow, making tasks easier and flexible while being able to track and monitor all data sets.
HrishikeshNavkar
Metric-based monitoring has simplified alerting and currently supports our cloud migration
Reviewed on Feb 04, 2026
Review provided by PeerSpot
What is our primary use case?
Currently, we are in the process of migrating from on-premises to Splunk Cloud as well as Observability . For metric-based monitoring, we can monitor via Observability and are migrating it there. We are setting up private locations to monitor synthetic tests, such as ping checks, port checks, and URL monitoring. The rest is metric-based monitoring, which is being done by Splunk using Splunk OTeL, which is an OpenTelemetry agent for Observability. This agent brings metrics from end devices to Observability. Based on these metrics, we set detectors and rules to trigger alerts.
Our observability is not yet live in production with Splunk Observability Cloud . It is currently being built, and we are adding new components, but it is not yet fully ready.
What is most valuable?
Comparing to Cloud, Splunk Cloud, or any other solution, the most valuable feature of Splunk Observability Cloud is that it is entirely based on metrics. The agent is also very lightweight compared to Splunk UF and does not consume much compute resources on the end server or host from which we are pulling data. However, it can only monitor metrics and cannot monitor logs.
Regarding how Splunk Observability Cloud has benefited our organization, we are yet to go live, but most of the configuration that requires conditions and triggers on Splunk Cloud involves writing queries. With Splunk Observability Cloud, the process is quite simple. We can directly get metrics flowing, set thresholds, and everything is UI-based. This requires less time to set up and use. I do not have that much visibility with Splunk Observability Cloud at this time as I am working as an administrator. It has helped us create dashboards for visualization purposes.
What needs improvement?
There is one thing that could be improved in Splunk Observability Cloud. We have the capability in Splunk to connect to Splunk agents such as Splunk forwarders from a deployment server and update the end agents and forwarders using server classes. We can push and update configurations from our own hosted servers without needing to access the end device. In Splunk Observability, the OTeL agent cannot be updated from our end. Every time we need to update, we have to reach out to users or gain access to the host to update the configurations. There should be a solution to update OTeL agents from Splunk Observability Cloud itself.
For how long have I used the solution?
I have been working with Splunk Observability Cloud for approximately five to six months.
What do I think about the stability of the solution?
Splunk Observability Cloud is reliable based on my experience with stability and reliability so far.
We were facing some challenges with the stability of Splunk Observability Cloud regarding the login page. It was not working several times and was not accepting SSO authentication. The observability team found a solution for this issue, though I am not fully aware of the details. There were several times when opening the page did not directly log in and showed some errors.
What do I think about the scalability of the solution?
I have not encountered any scenarios regarding the scalability of Splunk Observability Cloud. It should be good because it is cloud-based. I am not aware of the licensing model and how it scales or what the rules are for scaling.
How are customer service and support?
I was not directly involved with technical support for Splunk Observability Cloud, but I am aware that my teammates reached out to support. They were finding issues regarding configuration, installation, and deployment of Observability for specific components. Since Observability is cloud-based and hosted by Splunk, the components we own on-premises are the OTeL gateways, agents, and private locations. They reached out to the vendor regarding these components, and the support was quite smooth. They have raised some bugs as well for the vendor to fix. I would rate the technical support from Splunk an eight out of ten.
How was the initial setup?
Since it is cloud-based, Splunk Observability Cloud was ready to use upon deployment. The OTeL gateways were built by our team and required configuration. I was not part of that process but am aware that we needed to configure the OTeL gateways to route data to them as an endpoint and from there it would be ingested to Observability or forwarded to Observability. There were no significant issues with this process and it was quite smooth. However, configuring private locations on a few gateways was quite difficult to set up and maintain because Docker was going down at times. There were some issues that were discussed with Splunk vendor, and they provided guidance on how to fix them.