About the Content Pack for Splunk Observability Cloud
The Content Pack for Splunk Observability Cloud enables IT Service Intelligence (ITSI) users and IT Essentials Work (ITE Work) users to visualize and investigate the health of applications that use Splunk Observability Cloud. The content pack provides a seamless experience for IT Ops personnel to combine monitoring of Splunk Observability Cloud, including Splunk Infrastructure Monitoring, Splunk APM, and Splunk Synthetic Monitoring, with business services monitoring to gain a more complete view of their enterprise.
The Content Pack for Splunk Observability Cloud also includes Splunk Real User Monitoring (RUM) and RUM Mobile, so that you can monitor your web properties, apps, and cloud footprint by leveraging real user data together with the other data sources already in your ITSI or ITE Work environment.
Content pack features
The content pack provides a robust collection of features for you to monitor the performance of your applications.
Dashboards
The content pack includes several dashboards so that you can access data for Splunk APM, Splunk Infrastructure Monitoring, Splunk Real User Monitoring, and Splunk Synthetic Monitoring in one place.
Entity searches
The content pack includes 14 entity searches. You can enable these searches when you are ready to run them to import your Observability Cloud entities. See Enable your Splunk Observability Cloud entity searches for steps to enable the searches.
Entity types
The content pack includes 15 custom entity types, including three to support aspects of Real User Monitoring, plus one for each of the metrics from the Splunk Infrastructure Monitoring Add-on, one for Splunk APM, and one for each of the metrics from the Splunk Synthetic Monitoring Add-on.
- AWS EC2
- AWS Lambda
- Azure Functions
- Azure VM
- GCP Cloud Functions
- GCP Compute Engine
- OS Hosts
- RUM App Metrics
- RUM Browser Metrics
- RUM Synthetic Metrics
- Splunk Infrastructure Monitoring
- Splunk APM
- Synthetic API Test
- Synthetic Browser Test
- Synthetic HTTP Test
Glass tables
The content pack includes seven glass tables that you can use to monitor the performance of your applications at a high level.
- The Observability_DevOps SRE Detailed View glass table provides insights across Splunk Synthetic Monitoring, Splunk Application Performance Management, Splunk Real User Monitoring, and Splunk Infrastructure Monitoring at a summary level, as well as two levels down.
- The Observability_Executive Glass Table delivers rolled-up insights across three major observability areas: Splunk Synthetic Monitoring, Splunk Infrastructure Monitoring, and Splunk Application Performance Monitoring.
- The Observability_NOC Glass Table [Layered] is designed for a 40-foot wall or hallway monitor, enables visibility and awareness, showing the trend and history along with current state for all your critical key performance indicators (KPIs) in summary form.
- The Observability_Overview [Columns] glass table provides a quick overview of the four major observability areas: Splunk Synthetic Monitoring, Splunk Application Performance Monitoring, Splunk Real User Monitoring (RUM) and Splunk Infrastructure Monitoring.
- The Observability_Overview [Layered with Radio Gauges] glass table provides immediate insight and results, which can be viewed at a distance, with radio gauges on the left side making it easy to know the status of Splunk Synthetic Monitoring, Splunk Application Performance Monitoring, Splunk Real User Monitoring (RUM) and Splunk Infrastructure Monitoring for your environment at a glance.
- The Observability_RUM_ Executive Glass Table delivers rolled-up insights specific to Splunk Real User Monitoring (RUM) and RUM Mobile applications.
- The Observability_RUM_ Overview [Columns] glass table displays your Real User Monitoring landscape in one window, showing the overall health of real user sessions in apps, native browsers, and synthetic user tests on the right, and clickable color-coded KPIs on the left.
KPI base searches and metrics
The content pack includes these KPI base searches with 70+ associated metrics.
RUM_App_Base
RUM_Browser_Base
RUM_Synthetics_Base
SIM_cloud_aws_ec2
SIM_cloud_aws_lambda
SIM_cloud_azure_functions
SIM_cloud_azure_vm
SIM_cloud_gcp_compute
SIM_cloud_gcp_functions
SIM_containers
SIM_data_center_hosts
SIM_kubernetes
SplunkAPM Rate Base Search
SSM_api_tests
SSM_browser_tests
SSM_http_tests
Services and KPIs
The content pack includes 33 services with 98 KPIs. For a full list of services and KPIs, see the KPI reference for the Content Pack for Splunk Observability Cloud.
Service analyzer
The content pack includes a preconfigured saved service analyzer view called Splunk Observability Cloud that provides visual representation of your Splunk Observability Cloud services and the dependencies between them. You can use this custom view to see the KPIs associated with a service.
Vital metrics
The entity types in this content pack contain a set of vital metrics which describe the overall performance the entities within it. You can view these metrics on the Entity Health page and drill down further into individual Observability Cloud entities.
ITSI and ITE Work support
The content in Content Pack for Splunk Observability Cloud is supported in both ITSI and ITE Work. The features available in ITE Work are a subset of the full feature set available in the content pack for ITSI.
Objects | ITE Work | ITSI |
---|---|---|
Dashboards | 7 | 7 |
Entity searches | 14 | 14 |
Entity types | 15 | 15 |
Glass tables | 0 | 7 |
KPIs | 0 | 98 |
KPI base searches | 0 | 16 |
Services | 0 | 33 |
Service analyzer dashboards | 0 | 1 |
Service templates | 0 | 6 |
Vital metrics | 38 | 38 |
Installation
You can install the Content Pack for Splunk Observability Cloud after installing the Splunk App for Content Packs on the search head where you have installed ITSI or ITE Work. For detailed installation and configuration instructions, see Install and configure the Content Pack for Splunk Observability Cloud.
Deployment requirements
Review these version compatibility requirements for the Content Pack for Splunk Observability Cloud.
Content pack version | ITSI version | ITE Work version | Splunk App for Content Packs version | Splunk Infrastructure Monitoring Add-on version |
---|---|---|---|---|
1.0.0 | 4.9.4, 4.11.x | 4.9.4, 4.11.x | 1.4.0 | 1.2.0 |
2.0.0 | 4.11.x and higher | 4.11.x and higher | 1.6.0 | 1.2.2 |
3.0.0 | 4.11.x and higher | 4.11.x and higher | 1.8.0 | 1.2.2 |
Content pack object conflicts
The Content Pack for Splunk Observability Cloud contains these objects that conflict with either the Content Pack for Splunk Infrastructure Monitoring or the Content Pack for Splunk Synthetic Monitoring.
See the Migrate from the Content Pack for Splunk Synthetic Monitoring to the Content Pack for Splunk Observability Cloud and Migrate from the Content Pack for Splunk Infrastructure Monitoring to the Content Pack for Splunk Observability Cloud topics for migration steps.
Object name | Object type | Conflicting content pack |
---|---|---|
AWS EC2 | Service | The Content Pack for Splunk Infrastructure Monitoring |
AWS Lambda | Service | The Content Pack for Splunk Infrastructure Monitoring |
AWS | Services | The Content Pack for Splunk Infrastructure Monitoring |
Azure Functions | Service | The Content Pack for Splunk Infrastructure Monitoring |
Azure VM | Service | The Content Pack for Splunk Infrastructure Monitoring |
Azure | Service | The Content Pack for Splunk Infrastructure Monitoring |
GCP Cloud Functions | Service | The Content Pack for Splunk Infrastructure Monitoring |
GCP Compute Engine | Service | The Content Pack for Splunk Infrastructure Monitoring |
GCP | Service | The Content Pack for Splunk Infrastructure Monitoring |
AWS EC2 | Entity type | The Content Pack for Splunk Infrastructure Monitoring |
AWS Lambda | Entity type | The Content Pack for Splunk Infrastructure Monitoring |
Azure Functions | Entity type | The Content Pack for Splunk Infrastructure Monitoring |
GCP Cloud Functions | Entity type | The Content Pack for Splunk Infrastructure Monitoring |
GCP Compute Engine | Entity type | The Content Pack for Splunk Infrastructure Monitoring |
Splunk Infrastructure Monitoring | Entity type | The Content Pack for Splunk Infrastructure Monitoring |
Synthetic API | Entity type | The Content Pack for Splunk Synthetic Monitoring |
Synthetic Benchmark | Entity type | The Content Pack for Splunk Synthetic Monitoring |
Synthetic Content Entity | Entity type | The Content Pack for Splunk Synthetic Monitoring |
Synthetic HTTP | Entity type | The Content Pack for Splunk Synthetic Monitoring |
Synthetic Real Browser | Entity type | The Content Pack for Splunk Synthetic Monitoring |
Additional resources
- For ITSI deployment planning guidelines, see Plan your ITSI deployment in the Install and Upgrade Splunk IT Service Intelligence manual.
- For ITSI version compatibility with Splunk Enterprise versions, see Splunk products version compatibility matrix.
Release notes for the Content Pack for Splunk Observability Cloud |
This documentation applies to the following versions of Content Pack for Splunk Observability Cloud: 3.0.0
Feedback submitted, thanks!