Docs » Splunk Log Observer Connect » Introduction to Splunk Log Observer Connect

Introduction to Splunk Log Observer Connect 🔗

Splunk Log Observer Connect is an integration that allows you to query your Splunk Enterprise or Splunk Cloud Platform logs using the capabilities of Splunk Log Observer and Related Content in Splunk Observability Cloud. With Log Observer Connect, you can troubleshoot your application and infrastructure behavior using high-context logs. Perform codeless queries on your Splunk Enterprise or Splunk Cloud Platform logs to detect the source of problems in your systems, then jump to Related Content throughout Splunk Observability Cloud in one click. Seeing your logs data correlated with metrics and traces in Splunk Observability Cloud helps your team to locate and resolve problems exponentially faster.

Region and version availability 🔗

Splunk Log Observer Connect is available in the AWS regions us0, us1, eu0, eu1, eu2, jp0, and au0, and in the GCP region us2. Splunk Log Observer Connect is compatible with Splunk Enterprise versions 9.0.1 and higher, and Splunk Cloud Platform versions 9.0.2209 and higher. Log Observer Connect is not available for Splunk Cloud Platform trials.

You cannot access logs from a GovCloud environment through Log Observer Connect. However, you can use global data links to link from Log Observer Connect to your GovCloud environment where you can access your logs. For more information on global data links, see Link metadata to related resources using global data links.

What can I do with Log Observer Connect? 🔗

The following table lists features available to customers who have integrated Splunk Enterprise or Splunk Cloud Platform with Splunk Observability Cloud, allowing them to use Log Observer Connect.

Do this

With this tool

Link to documentation

View your incoming logs and zoom in or out to the time period of your choice.

Timeline

View overall system health using the timeline

Scan logs.

Logs table

Browse logs in the logs table

Find out which path in your API has the slowest response time.

Log aggregations

Group logs by fields using log aggregation

Search logs by keyword or field.

Content control bar

Search logs by keywords or fields

Filter your logs to see only logs that contain a field of your choice with the value error.

Logs table

Search logs by keywords or fields

View the JSON schema of an individual log.

Log details

View individual log details

See the metrics, traces, and infrastructure related to a specific log.

Related Content

Scenario: Kai troubleshoots an issue from the browser to the back end using Splunk Observability Cloud

Save and share Log Observer queries.

Saved Queries

Save and share Log Observer Connect queries

Get started with Log Observer Connect 🔗

If you manage Splunk Enterprise in a data center or public cloud and want to begin using Log Observer Connect, see Set up Log Observer Connect for Splunk Enterprise. If you use Splunk Cloud Platform and want to integrate Log Observer Connect, see Set up Log Observer Connect for Splunk Cloud Platform.

Note

You can collect data using both the Splunk Distribution of OpenTelemetry Collector and the Universal Forwarder without submitting any duplicate telemetry data. See Use the Splunk Universal Forwarder with the Collector to learn how.

This page was last updated on Oct 03, 2024.