Splunk is releasing new functionality for its Security and Observability Cloud. This is to help companies become more resilient against attacks and other problems with applications and the underlying infrastructure.
The new updates focus primarily on the Splunk Observability Cloud and Mission Control components and introduce Splunk Edge Processor. The suite of observability tools is now extended to include Incident Intelligence. This additional functionality enables teams to increase efficiency with the proper knowledge to diagnose, resolve and recover from service outages quickly.
Also, Splunk Observability Cloud now gets new autodetect capabilities from Splunk APM. This uses machine learning to improve the accuracy of alerts and reduce the number of manual actions for troubleshooting.
Furthermore, the IM Network Explorer should allow teams to easily monitor and assess their cloud network(s) health status. This way, they can quickly intervene and resolve issues.
Features Splunk Mission Control
New functionality has also been added to Splunk Mission Control. This solution bundles the analytics tools of Splunk Enterprise Security with the automation, orchestration, and threat intelligence features of Splunk SOAR.
The functionality added to this suite should help customers detect, investigate, and respond to security threats much faster through a universal work environment. In doing so, security staff benefit from simplified workflows and automated processes that they can organize into so-called response templates. This enables them to focus on the most important issues and perform more proactive and smoother security work.
Introducing Splunk Edge Processor
In addition to the enhancements to Splunk Observability Cloud and Splunk Mission Control, the data platform provider is also introducing a new solution: Splunk Edge Processor. This solution should give end-users of the platform better insight and control into and over their streaming data. This is before this streaming data leaves their network.
The solution operates at the network’s edge and helps filter, mask and route streaming data. This should create more efficient data transformation processes. The solution is supported by the proprietary Search Processing Language (SPL2). This application should simplify data search and data prep.
The new functionality for Splunk Observability Cloud is now generally available, as is the Splunk Edge Processor tool. Splunk Mission Control functionality is now available to Splunk Enterprise Security Cloud users. This is based on technical and regional requirements.
Also read: Splunk Platform update offers more observability and security