March 2025 🔗

Splunk Observability Cloud released the following new features and enhancements in March 2025. This is not an exhaustive list of changes in the observability ecosystem. For a detailed breakdown of changes in versioned components, see the list of changelogs.

March 25, 2025 release 🔗

New feature or enhancement	Description
APM error based troubleshooting	Quickly understand the root cause of an issue for a specific service without manually setting up index span tags, looking at other traces, or referring back to the service map. For more information, see Use the service view for a complete view of your service health.
APM service centric navigation and filtering	Improves user navigation in Splunk APM for visualizing, navigating and filtering through services. Service Centric Views in Splunk APM is now more prominently featured on the landing page so users can quickly understand service health without additional click-downs in the product.
APM service map redesign	Service Maps in Splunk APM help engineering teams to quickly identify error sources and latency in complex application environments. We’ve redesigned the service map in this release to make it easier for users to get a holistic view of a service in the context of the larger environment.
Synthetics excluded files	We are excited to introduce the Excluded Files feature for users to have flexibility in configuring what file types their browser tests will exclude from loading on a page. By excluding certain file types, users can prevent skewed analytics due to third-party services and individually test performance of a page with or without certain resources. For more information, see Advanced settings for browser tests.
Log Observer Connect search experience enhancements	We’re releasing a new “cancel search” functionality to help users gain more control over their log queries by cancelling a log search whenever one is active, allowing them to eliminate workflow inefficiencies and reduce their SVC consumption as well as resource waste. For more information, see Search logs by keywords or fields. We have expanded automatic mapping of the severity key to include more key and value names. This ensures broader compatibility, including OpenTelemetry field names, and reduces the need for custom alias creation. For more information, see Search logs by keywords or fields. We have added guidance in the UI to help you select the appropriate connection and indexes to sharpen the focus of your searches. For more information, see Ensure the correct mapping of your severity key.
SSO default role	When onboarding new Splunk Observability Cloud users, admins who aren’t able to enable Unified Identity can now select what the default role will be assigned to users in the Organization (Non-Enterprise Customers: Admin & Power; Enterprise Customers: Admin, Power, Read_Only, Usage) for more control on user’s scope and privileges. For more information, see Configure SSO integrations for Splunk Observability Cloud.

March 4, 2025 release 🔗

New feature or enhancement	Description
Splunk Observability Cloud AI assistant in Splunk Cloud Related Content	Splunk Cloud Platform users can speed up root cause analysis and IT investigations in the Search app with a new AI Assistant tab in the Related Content panel. Now the Related Content panel shows you not only the context of your issues with observability data, but also provides troubleshooting steps and additional information about the health of your services on the AI Assistant tab. Available for customers who have AI Assistant in Observability Cloud and Unified Identity enabled.
Synthetics Downtime Configurations	Splunk Synthetic Monitoring now supports recurring downtime configurations. Recurring downtimes allow you to sync with your scheduled maintenance windows or planned/unplanned downtimes and keep them from impacting your monitoring metrics or SLAs.
Synthetics multi-factor authentication (MFA)	Splunk Synthetic Monitoring now supports tests that need to send a time-based one-time passcode (TOTP) to their test target.

This page was last updated on Mar 26, 2025.

Was this topic useful?

Did you know that you can edit this page? Learn how!

Was this documentation topic helpful?

Enter your email address if you would like someone from the documentation team to reply to your question or suggestion.

Please provide your comments here. Ask a question or make a suggestion.

Comment should have a minimum of 5 characters and a maximum of 1,000 characters.

Feedback submitted, thank you! We resolve documentation feedback based on the severity of the issue reported, as well as an assessment of the potential number of customers who might be affected.

If you have a question about using Splunk software, we encourage you to check Splunk Answers or Splunk community Slack to see if similar questions have been answered, or to post your question for others to answer. If you have an active support entitlement and believe that your situation is caused by a product defect, file a support case in the Support portal https://login.splunk.com/page/sso_redirect?type=portal.

We are currently moving to a new documentation site. Expect a delay in responding to your feedback and applying any updates based on your feedback. Thank you for your patience and understanding while we work to bring you an improved documentation experience!