Cisco has embedded Splunk IT Service Intelligence (ITSI) directly into its Nexus Dashboard. By doing so, the company has brought analytics and security telemetry into the core data center management environment. The integration is designed to speed up fault detection and root cause analysis. In addition, it aims to get Network Operations and Security Operations teams working from a shared view of the infrastructure.
Cisco’s Nexus Dashboard will utilize Splunk’s ITSI solution to essentially turn raw data emanating from network infrastructure into actionable insights. Precisely that integration is what defined Cisco’s motives behind acquiring Splunk, one of multiple deals which built up a greater reach of the company’s portfolio. Specifically, the target has been full-stack observability through integrating existing services with Splunk’s solutions.
The integration has been some time coming, with Cisco’s $28 billion acquisition of Splunk being closed in March 2024. Since then, Cisco has been threading Splunk capabilities throughout its portfolio, AppDynamics and ThousandEyes were early recipients. As Techzine previously reported, Cisco’s broader integration work now extends to a full data fabric approach that keeps data in place rather than moving it to a central lake. The Nexus Dashboard is the latest platform to receive that treatment.
What the Nexus Dashboard integration delivers
ITSI brings a range of functions into the Nexus Dashboard environment. These include business and service monitoring, intelligent incident management, predictive analytics, and network topology monitoring. Data center teams can access events, alarms, health scores, and inventory through open APIs. These have been equipped with pre-built and customizable dashboards covering fabric state, anomalies, and advisories.
The architectural change is what makes this different from a typical connector. Rather than shipping raw logs to an external data lake, a process that incurs high ingress and storage costs, Splunk capabilities now run directly inside the Nexus Dashboard. To be honest, you wouldn’t expect otherwise from an solution wholly owned by Cisco utilizing data from its own software, but such advantages are indeed new.
“This isn’t just another connector or API call. This is an embedded, architectural integration designed to transform how you monitor, troubleshoot, and secure your data center fabric,” wrote Usha Andra, senior product marketing leader, and Anant Shah, senior product manager at Cisco Data Center Networking, in a blog post about the integration.
NetOps and SecOps, one shared reality
The cultural impact may be as significant as the technical one, at least if Cisco’s aims become reality. The company says the integration forces a convergence between Network Operations (NetOps) and Security Operations (SecOps). Both teams now work from the same telemetry. A traffic anomaly gets investigated simultaneously as a potential configuration error by NetOps and as a potential exfiltration attempt by SecOps. Splunk acts as the common language on top of the Cisco Nexus infrastructure, which may well make personnel from different teams speak the same proverbial language when discussing issues.
This connects directly to the AgenticOps direction Cisco has been pursuing across its portfolio. As previously discussed, Splunk ITSI already provides automated event correlation and root cause summaries within that framework, designed to reduce time-to-resolution. The Nexus Dashboard integration extends that capability into the data center networking layer. More broadly, the AgenticOps vision sets up Splunk and Cisco’s combined tooling as a layer where AI handles routine monitoring tasks while analysts focus on decisions.