
Achieving digital resilience with observability and cybersecurity

Nurdianah Md Nur
Steele: Splunk's solutions can help organisations improve the visibility of their IT environment, respond to disruptions faster, and drive efficiencies to improve digital resilience and customer experience. Photo: Splunk

The second law of thermodynamics suggests that the universe moves towards disorder. Consequently, it is unsurprising that modern organisations possess complex IT environments.

Regardless of sector, organisations adopt numerous IT tools and platforms, scaling systems and creating new apps to improve operational efficiency, customer experiences, and revenue streams. This results in tech sprawl and data silos that hinder business resilience.

Observability is essential for managing complexity, requiring visibility into the entire IT environment, including logs, metrics, and traces. A 2023 survey by Splunk shows that mature observability practices lead to four times faster resolution of downtime or service issues and high confidence in meeting application requirements for nearly nine out of 10 organisations.

In Singapore, organisations value observability but often have siloed monitoring tools and teams. The Splunk survey indicates a lack of convergence between observability and other functions like infrastructure, digital experience, network performance, and security monitoring.

“Traditionally, organisations have specific tools for [dedicated] monitoring purposes. They may have a tool to monitor just network devices, another to monitor servers and infrastructure, and an application performance monitoring tool. These tools typically didn’t talk to each other, so they’re disconnected, [making it challenging when organisations have to] troubleshoot something,” Spiros Xanthos, Splunk’s senior vice president (SVP) and general manager (GM) for Observability and ITOps, tells DigitalEdge at the company’s .conf23 event in Las Vegas.

“Most of those monitoring tools run on a static set of data [and are programmed based on a specific set of conditions], so it’s difficult to find [technical issues] in real-time. Since they tend to be proprietary, their data can’t be shared with other monitoring tools.”


The path to digital resilience

Splunk says four capabilities are needed for digital resilience.

The first is foundational visibility: organisations need visibility across hybrid IT environments as they embrace hybrid cloud. The second is prioritised actions, which call for organisations to understand the risk and performance of their digital tools. The third is getting ahead of issues and proactively responding to them, which is crucial to ensuring operational uptime. Finally, organisations must be able to optimise the experience to delight customers and build trust with them.


“All [these capabilities are] integrated into the Splunk platform, which has been transformational for our customers. They can improve visibility, respond to disruptions faster, and drive efficiencies as different teams don’t see things differently,” says Gary Steele, CEO of Splunk, at the opening keynote of .conf23.

In a separate interview, Simon Davies, Splunk’s SVP and GM for Asia Pacific, says: “Splunk is so valuable to enterprises because it allows them to bring together to draw insights. Today, the customer experience fails [when any IT system an organisation uses fails as those systems are interconnected]. By having visibility across their entire operations, organisations can ensure the uptime of IT systems for digital resilience and customer experience. They can also better investigate cyber incidents and breaches and decide the best way to remediate and recover.”

Indonesia’s digital payment platform DANA, for instance, uses Splunk to gain full-fidelity observability, which resulted in improved digital resilience. Its monitoring stack previously lacked a dedicated tool for distributed tracing and application performance monitoring, hindering DANA from having a holistic picture of its IT environment.

Since Splunk provides an observability platform with full-fidelity monitoring, DANA can recover up to 90% faster from cyber incidents. It can ingest full-fidelity data and detect anomalies almost instantaneously, compared with the hours or days this took previously. DANA also saw higher productivity and collaboration across teams due to seamless monitoring, troubleshooting and resolution workflows.

“Splunk gives us both the depth and breadth of visibility we need, helping us reduce gaps from dropped transactions. [We can now] predict and detect problems before our customers notice them, which helps us deliver a flawless customer experience and quality service,” says Norman Sasono, chief technology officer at DANA.

AI-enabled offerings

At .conf23, Splunk introduced Splunk AI, a collection of AI-powered offerings to enhance its unified security and observability platform. These offerings empower security operations (SecOps), IT operations (ITOps), and engineering teams to automatically mine data, detect anomalies and prioritise critical decisions based on intelligent risk assessment.


Splunk AI enhances domain-specific large language models and machine learning algorithms using security and observability data. This boosts productivity for SecOps, ITOps, and engineering teams, freeing them for more strategic work and reducing costs. Splunk is committed to an open and extensible approach, allowing organisations to extend Splunk AI models or use their third-party tools.

Splunk AI offerings include:

  • Splunk AI Assistant, which leverages generative AI to provide an interactive chat experience and helps users author Splunk Processing Language (SPL) using natural language. Users can ask the AI chatbot to write or explain customised SPL queries to increase their Splunk knowledge. This improves time-to-value and helps make SPL more accessible, further democratising an organisation’s access to and insights from its data.
  • Splunk App for Anomaly Detection provides SecOps, ITOps and engineering teams with a streamlined end-to-end operational workflow to simplify and automate anomaly detection within their environment.
  • Splunk App for Data Science and Deep Learning 5.1 offers access to additional data science tools to integrate advanced custom machine learning and deep learning systems with Splunk. This release includes two AI assistants allowing customers to leverage LLMs to build and train models with domain-specific data to support natural language processing.

Getting more out of edge computing

Industrial organisations are recognising the significant benefits of edge computing. Yet, identifying and gathering data from numerous physical and virtual sources can be complex, tedious and costly.

Splunk introduced Splunk Edge Hub to simplify data ingestion and analysis from sensors, Internet of Things (IoT) devices, and industrial equipment. The device works out of the box, can be placed in physical environments or on existing operational tech (OT) hardware and immediately collects, collates and streams data to the Splunk platform.

By using Splunk Edge Hub and the Splunk platform, organisations will be able to:

  • Monitor environmental conditions, including water, temperature, humidity and gases, to quickly and efficiently identify and remediate problematic conditions.
  • Perform predictive analytics to identify anomalies in manufacturing processes and surface early indications of equipment maintenance needs or outages to minimise operational downtime.
  • Achieve more comprehensive visibility across IT and OT environments to better detect, investigate and remediate threats and IT stressors from a single platform.
  • Build custom solutions with industry experts for environments from which data has historically been difficult to extract, including transportation, oil and gas, and supply chain.

“The only way to truly improve resilience is to be able to see everything going on within your organisation. Edge Hub is breaking down barriers and providing access to data that has historically been difficult to extract and integrate, to empower our customers with a level of visibility they have never had before. Our partners can use Splunk Edge Hub to build even more solutions across many industries that are tailor-made to their needs,” says Tom Casey, SVP and GM of Products and Technology at Splunk.

© 2024 The Edge Publishing Pte Ltd. All rights reserved.