You have more data coming at you than ever before. Over the next five years, the total amount of digital data is going to be more than twice the amount of data created since the advent of digital storage. With the success of your company often determined by how you anticipate and respond to threats – and leverage meaningful insights – you need the ability to quickly search and find insights in your data, despite this increasing deluge of information.

When considering application source code, the way you maintain consistency throughout environments is mostly straightforward. You write application code, commit it to source control, and then build, test and deploy via a CI/CD pipeline. Since the application is defined by the source code living in source control, the build will be identical in all environments to which it’s deployed. But what about the infrastructure on which an application runs?

People make mistakes, technology breaks down, and processes aren’t infallible. But, when incidents happen, what can we do about it? What can we learn? As with all things, learning isn’t a binary action, it’s a process. And, when an incident occurs, organizations typically conduct a post-mortem analysis and generate a post-incident review to uncover what went wrong and why.

Splunk Observability is incredibly good at details! Many of us use it as a metaphorical microscope through which we observe our software. But how do you observe the long-term trends and usage of that microscope? There are numerous organization-level metrics provided in Splunk Observability that can be used to chart organization-level concerns. These can be leveraged in various ways to understand things like uptake, billing and just how much value Observability is providing.

Managing source code with a defined method is one vital aspect of implementing effective application development. Today, two strategies for doing this stand above the rest: trunk-based development and GitFlow. Choosing the proper method for source code control is often dependent upon several factors, such as: In this article, let’s define and compare trunk-based development and GitFlow, look at the factors that drive an organization’s decision between the two.

In software development, the name of the game is to develop reliable systems in a fast-paced manner. As development shops have evolved to increase the speed of delivery, many organizations have embraced the Agile development practices of continuous integration and continuous deployment (CI/CD). But the very nature of fast-paced development introduces challenges — particularly around the quality and the reliability of the software being developed.

Status pages have become the end-users window into your team’s operations. Companies with status pages are doing the right thing for their users — building in some transparency while mitigating frustration and support contact. For the benefits of status pages to pay off, organizations need to treat them as something more than active wiki-pages run by support.

Observability is a mindset that lets you use data to answer questions about business processes. In short, collecting as much data as possible from the components of your business — including applications and key business metrics — then using an AI-powered tool to help consolidate and make sense of this huge volume of data gives you observability into your business. Having observability for your business and applications lets you make smarter decisions, faster.

What if there was a way to deploy a new feature into production — and not actually turn it on until you’re ready? There is! These tools are called feature flags (or feature toggles or flippers, depending on whom you ask). Feature flags are a powerful way to fine-tune your control over which features are enabled within a software deployment. Of course, feature flags aren’t the right solution in all cases.

Two categories a software organization should always strive to improve in are: Data analysis is one way that your organization can improve the efficiency of incident management and overall application quality. However, the questions remain – which metrics should be collected? How can analysis of these metrics facilitate these improvements? Read on to hear about five key metrics essential to incident response.

With the release of Splunk 9.0 came support for SmartStore in Azure. Previously to achieve this, you’d have to use some form of S3-compliant broker API, but now we can use native Azure APIs. The addition of this capability means that Splunk now offers complete SmartStore support for all three of the big public cloud vendors. This blog will describe a little bit about how it works, and help you set it up yourself.

If you’re new to the concept or just trying to keep up with the conversation, Gartner defines Observability as the evolution of monitoring into a process that offers insight into digital business applications, speeds innovation and enhances customer experience. Some folks think that Observability is a new buzzword, but in fact the term was coined in 1960 by Rudolf E. Kalman, a Hungarian-American engineer.

You’ve written code, you tested it and built it. Now, your release is ready to deploy into production. But: is your production environment ready for the release? That’s a question every IT professional and platform engineer should be asking before accepting a new release — whether the release is an update of an existing app or a totally new deployment. To that end, here’s a checklist to make sure that your production environment is ready to go.

Load balancers and content delivery networks (CDNs) are critical tools for delivering modern, cloud-native applications. They play essential roles in ensuring the smooth flow of data between applications and end-users. If you don’t have both a load balancer and a CDN in place, you’re probably in a poor position to guarantee the uptime of your application across a wide geographic area. That does not mean, however, that load balancers and CDNs do the same thing.

DevOps has never been more popular than it is today. Since first popularized nearly 15 years ago by Patrick Debois and Gene Kim, DevOps has become the standard approach for managing IT. In this blog post, we’ll look at key trends and data that paint a picture of today’s State of DevOps. You can learn more about the history and fundamentals of the topic in our article What is DevOps and why is it important?.

Extended Berkeley Packet Filter (eBPF) is an exciting technology that provides secure, high-performance kernel programmability directly from the operating system. It can expose a wide range of applications and kernel telemetry that is otherwise unavailable. But with operating systems frequently processing very large volumes of network data, even with an efficient framework and cheap eBPF program runs, costs can add up quickly.

Kubernetes is an open source platform that, through a central API server, allows controllers to watch and adjust what’s going on. The server interacts with all the nodes to do basic tasks like start containers and pass along specific configuration items such as the URI to the persistent storage that the container requires. But Kubernetes can quickly get complicated. So, let’s look at Vanilla Kubernetes — the nickname for a a K8s setup that’s as basic and elementary as it gets.

The Machine Learning team at Splunk has been hard at work over the last several months preparing for a few exciting launches at.conf22, held just a few weeks ago. Splunk customers want to leverage machine learning (ML) in their environments, but many aren’t sure how to use it, or even how to get started.

Anomaly detection can be defined by data points or events that deviate away from its normal behavior. If you think of this in the context of time-series continuous datasets, the normal or expected value is going to be the baseline, and the limits around it represent the tolerance associated with the variance. If a new value deviates above or below these limits, then that data point can be considered anomalous.

Network performance monitoring (NPM) and application performance monitoring (APM) are both key pillars of an overall performance and reliability management strategy, especially when dealing with complex, distributed infrastructure across cloud-native environments. NPM and APM also complement each other, in the sense that NPM can serve as an additional source of truth and observability for application performance.

According to recent surveys and reports on the industry, Kubernetes and containers are more popular than ever. Containers and serverless functions are being mainstream and ubiquitous – with a more than 300% increase in container production usage in the past 5 years. This trend is especially true for large organizations, which are often using managed platforms and services.

The Splunk Threat Research Team (STRT) has continued focusing development on the Splunk Attack Range project and is thrilled to announce its v2.0 release with a host of new features. Since the v1.0 release 6 months ago the team has been focused on developments to make the attack range a more fully-featured development testbed out of the box. This blog post will share these additions as well as some of the project’s future directions.

Love it or hate it, many organizations have Microsoft Windows as part of their infrastructure. They usually operate a series of Windows services like: Although surveys report that the market share of businesses using Windows is smaller than that of businesses using Linux, many organizations still use private Windows servers that are not accessible over the internet.

Because DevOps practices can bring great speed and reliability to the software delivery lifecycle, release management can seem daunting. But, the improved visibility and collaboration brought about by DevOps can also help with the release management process. DevOps-centric release management is the future of software development and IT operations.

Since the evolution of the IT industry, different concepts have been introduced to enhance and speed application production. Automating processes is gradually becoming the way forward and, so far, the best way to speed the deployment process of projects. Today, though, NoOps has come along. The prevalence of NoOps means manual intervention may not be needed in IT operations, but is this going to mean the extinction of DevOps? Turns out, NoOps might just be a next step in the progression of DevOps.

Whether you are new to Splunk or just needing a refresh, this post can guide you to some of the best resources on the web for using Splunk. We’ve gathered, in a single place, the tutorials, guides, links, and even books to help you get started with Splunk.