Detect, Investigate and Respond Faster with Latest Innovations in Splunk Enterprise 9.1 and Splunk Cloud Platform

SecOps, ITOps, and engineering teams continue to struggle with finding and fixing problems, a task that is becoming harder than ever as security threats persist and the pace of change across software and systems increases.
We know you want the ability to more easily get ahead of major issues, respond rapidly to incidents that inevitably occur, and pivot quickly when the macro environment demands it — so our latest product enhancements help you to achieve that.
Splunk uniquely delivers unparalleled visibility across hybrid environments, enabling better management of data across all sources and its lifecycle. Our latest product innovations deliver more unified experiences through a shared data context, deeply integrated workflows and improved user experiences for SecOps, ITOps, and engineering teams. This, in turn, not only helps to accelerate search performance and manage cost and compute, but the shared visibility across teams also makes it easier to detect, understand, and prioritize incidents for response.
Comprehensive Visibility at Scale Facilitates Better Detection From Edge to Cloud
For customers who need better detection for hybrid and edge deployments, new innovations in Splunk platform provide deeper, more flexible data management capabilities that give SecOps, ITOps, and engineering teams control over the shape, volume, and destination of data.
For more complete visibility from the edge, Splunk is partnering with Edge Hub Central to introduce the Splunk Edge Hub, a net-new solution that captures data generated by sensors, industrial equipment, and IoT devices from physical environments and streams it to the Splunk platform for analysis.
Splunk will also expand its federated search capabilities with the release of Federated Search for Amazon S3, so you can search data residing in AWS S3 without the need to ingest it, allowing for better correlation, enrichment, and analysis across your data sets, all from within Splunk Cloud Platform.
What’s more, enhancements to existing functionality in Splunk platform make it even easier to access and organize data at the edge, which ultimately helps to temper the noise in your data sets. Some highlights include:
- Continued investments in Edge Processor: Splunk’s next-generation cloud-based data pre-processing capability, launched in Q1 2023 on Splunk Cloud Platform, now supports data ingestion and export using HTTP Event Collector (HEC).
- Improvements to Ingest Actions: Available on both Splunk Enterprise 9.1 and Splunk Cloud Platform, these enable greater granularity in data management at ingest, with more options for routing select data sets to multiple Amazon S3 buckets and the ability to preview a near-live stream of data while authoring rulesets.
Faster, More Accurate Analytical Workflows Made Possible by Greater Administrative Control
To support business continuity and enable better resilience, Splunk Admins will have preview access to Cross-Region Disaster Recovery, available for Splunk Cloud Platform on US-East AWS stacks. The ability to fail over to standby regions in the event of an AWS active region failure will give customers the digital resilience needed to monitor mission-critical services and avoid penalties for non-compliance.
Further improvements to existing Admin tools mean you’ll troubleshoot less and investigate faster, with greater accuracy. Some highlights include:
- Better monitor and manage the performance of your Splunk Cloud Platform deployment with health and maintenance dashboards in Cloud Monitoring Console (CMC);
- Easily identify outdated apps that could pose security risks with Splunk Assist;
- Improve access control and permissions with new options for sharing searches as a job or query;
- Generate faster insights through an improved homepage experience, such as starting where you left off with recently viewed knowledge objects;
- Reduce dashboard resource consumption and streamline editing and configurations in Dashboard Studio.
More Optimized Response With Machine Learning Powered Offerings for Enhanced Decision-Making
For human-led responses, Splunk platform connects the right people — within and across teams — with the relevant information and guidance on resolution. Deeper collaboration allows organizations to more efficiently scale their operations to respond rapidly, minimizing disruptions, even when teams prioritize different data sets and use cases. To that end, we believe that artificial intelligence and machine learning (AI/ML) can provide profound help to humans by incorporating all relevant context, data, and knowledge into decision-making.
Our commitment to extending AI/ML capabilities across the Splunk product portfolio will guide you in each step of your journey — from simplified workflows for anomaly and outlier detection, to alert correlation and prioritization, and assisted remediation and response — so that you can get insights and take action quickly.
With Splunk, organizations can win in the face of disruption.