Observability

Buyer’s Guide
Improve digital resilience
by lowering the cost of
unplanned downtime
Table of Contents
About this buyer’s guide............................................................................................. 3

What observability is and why it exists......................................................... 5

One solution vs. twelve tools................................................................................. 6

Core buying criteria........................................................................................................ 7

Pricing and packaging............................................................................................... 13

Partnering with the right vendor..................................................................... 15

About this buyer’s guide
Leading organizations lean on observability to improve digital resilience
Hi, we’re Splunk — we help companies be more resilient with the most
comprehensive Unified Security and Observability Platform, and we know
a lot about, well … security and observability.

A Leader Ranked #1 A Leader A Leader

#1 Vendor in SIEM and ITOM in ITOps and Analytics in Cloud Observability, APM, in Quadrant Knowledge
HPA software market share Market Share AIOps and Incident and Solutions’ SPARK Matrix for
Gartner® Magic Quadrant™ in SIEM Market Share Task Management Cloud Observability and
for Security Information ITIM Tools
and Event Management

Gartner, Magic Quadrant for Security Information and Event Management (October 2022) | Gartner: Market Share: All Software Markets, Worldwide 2021 (April 2022) | Gartner, Market Share Analysis: ITOM, Performance Analysis Software (October 2022) | IDC, Worldwide
Security Information and Event Management Market Shares, 2021: The Cardinal SIEMs, doc #US48506522 (July 2022) | IDC, Worldwide IT Operations Management Software Market Shares, 2021: Market Growth Moderates, doc #US49609921 (September 2022) | GigaOm, Radar
for Cloud Observability Solutions (March 2022) | Quadrant Knowledge Solutions, SPARK Matrix for Cloud Observability (December 2022)
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does
not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties,
expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Observability Buyer’s Guide | Splunk 3

Are you an ITOps or engineering leader or practitioner? This
buyer’s guide is for you. Learn why Splunk customers like
Lenovo, Puma and Rappi lean on observability as a critical
solution for modern software development and discover more
about how an observability practice can:

• Improve system reliability.

• Fix problems up to 83% faster.
• Deliver exceptional digital experiences on an ongoing basis.

In this guide, we’ll share a brief overview of observability as

a practice and why it exists. Then, we’ll address some of the
challenges that can arise from having a collection of 12 or
more monitoring tools — like long recovery times, unplanned
downtime and burned out staff.

Lastly, we’ll get down to business and help you get started
with your own observability practice, including core buying
criteria (what you should be looking for in an observability
tool), a breakdown of pricing and licensing models for different
tools, and guidance on how to evaluate different observability
vendors for long-term partnership.

Observability Buyer’s Guide | Splunk 4

What observability is and why it exists
In a world where digital transformation matters to everyone, those who adapt to
complex challenges in a way that drives their business forward all have one thing
in common:
Digital resilience.
Observability is …
a practice used by software developers, site reliability engineers and
IT operations to improve digital resilience by lowering the cost of
unplanned digital downtime.
But how can you be more resilient when our digital reality barely resembles
what it looked like just a few years ago? IT and DevOps tech stacks are exploding
because of the growing complexity of software development, the need for
faster development cycles and the increasing demand for automation and
collaboration. At the same time, customers’ expectations continue to grow. They
want more digital interactions and they expect them to be perfect — if they
aren’t seamless and secure, your customers will punish you not only with their
cash but also with their voices. When a page fails to load quickly, you’ll hear
about it. You’ll read the angry tweet as the world finds out, too.
Ninety-one percent of organizations said one hour of downtime that takes
mission-critical infrastructure and applications offline costs them at least
$300,000 due to lost business, productivity disruptions and remediation efforts.
When time is money, every minute counts. And during an economic downturn,
every dollar and every purchase lost counts even more.
So it’s no surprise that if you ask an alert-fatigued SRE or ITOps practitioner
what they need to be more resilient, inevitably the answer will be — time and
information. They care about:
• Wasting less time firefighting in noisy alert storms and war rooms.
• Eliminating the guesswork required to fix problems.
• Making their processes and tech environment more reliable — preventing
issues from becoming customer-facing problems.
• Having more complete information available to make the right call at the
right time, both tactically day-to-day as well as for long-term strategic
business decisions.
Observability Buyer’s Guide | Splunk 5
One solution vs. twelve tools
The average organization has dozens of tools to monitor different parts of
their stack. As teams adopt disconnected tools to monitor their infrastructure,
applications and digital customer experiences, it creates data silos that result in
blind spots. It also increases toil, making it harder to diagnose cascading issues
that may be impacting different parts of a distributed environment.

All of these factors increase the likelihood that a critical signal (like a failure, error
or outage) goes unnoticed.

Most other monitoring and observability tools weren’t built to handle the
frequency of changes or the explosion of potential failure scenarios found with
modern software. For example, the traditional way monitoring tools are used
starts with an engineer getting paged and interpreting dashboards or logs to
investigate the problem. But these days, it’s impossible to predict all of the ways
Not to mention that nearly every monitoring vendor tries to lock you in by
our software might break, which means it’s impossible to set up alerts for every
making you learn and implement their proprietary agents for instrumenting
potential failure scenario.
telemetry data.
In addition, finding root causes still requires too much manual labor, guesswork
and expensive war room calls. A lot of tools do a good job surfacing visibility
into application golden signals (like latency, traffic, errors and saturation) or It’s time for a new approach.
infrastructure metrics (like memory and CPU utilization). Still, it’s not easy An observability practice helps ITOps and engineering teams gain complete
to get to the “so what?” to understand the broader impact of a software or business visibility across their infrastructure, applications and digital customer
infrastructure performance issue. experience. Teams need the ability to proactively spot unknowns and see root
causes of problems before customers are impacted, all with full control over
their data.

Observability Buyer’s Guide | Splunk 6

Core buying criteria
Get your pencil out and get ready to check some boxes. In this section, we’ll
go through key criteria to check off the list when shopping for the best
observability solution.
Criteria #1: Time
When Lenovo came to Splunk, they wanted to upgrade a monitoring platform
they had been using for a few years. They were looking for a more flexible and
adaptable solution that could customize observability across operations to
better respond to changing consumer preferences in the evolving e-commerce
landscape. They wanted no dropped transactions, no performance hiccups,
no delays and real-time visibility into every transaction. They also had to
significantly decrease their 30-minute MTTR.
After migrating to Splunk, the average time it takes to recover
from a system failure has now gone from 30 minutes to
about five minutes, and they’re fixing things more than
80% faster.
The right observability solution will give you time back. Pointing teams to a few
actionable events and helping prioritize them based on service impact means
they can quickly identify root cause and improve their mean time to resolve
(MTTR) critical incidents.
“We can now correlate backend traces from APM with frontend
traces from RUM. That’s a huge value because that’s been our
missing link. It’s been very illuminating and has revealed hidden
inefficiencies that we’re now able to address.”
— Sean Schade, Principal Architect, Care.com
“You need 100% of your data for observability to be effective. I don’t
know how anyone can compete with Splunk’s no sampling. That’s
been the biggest issue with any APM product I’ve used in the last
seven or eight years.”
— Sean Schade, Principal Architect, Care.com
When evaluating the right observability partner, ask if the solution will help
you isolate the root cause of the problem as fast as you can. Also ask if this
observability solution would have access to the right information so you can be
confident that you will never miss a problem again. Be sure to question the data.
In order to save time it’s crucial that you don’t have any blindspots.
Does it reduce alert noise?
Intelligent event correlation in Spunk ITSI uses machine learning groups and
prioritizes logs, metrics and events from multiple sources (infrastructure,
applications, networks, etc.) and helps ITOps teams reduce alert noise by
over 90%.
Does it prioritize alerts?
We do that via guided root cause analysis that uses machine learning and
historical data to prioritize alerts and float the big rocks to the top.
Is it OpenTelemetry native?
Many monitoring tools still use proprietary agents that are cumbersome
to maintain and very expensive to scale in cloud environments. And while
some of them claim to use OpenTelemetry, the number of projects that
contribute to OpenTelemetry continues to be low. Using an OpenTelemetry
native observability solution helps development teams build faster and
more reliable applications by providing streamlined observability, efficient
debugging, improved collaboration, better resource allocation and reduced
vendor lock-in. Splunk is the top contributor to OpenTelemetry.
Observability Buyer’s Guide | Splunk 7
Is this observability solution built to ingest the right quality of data at the
right scale?
Not all providers treat metrics, traces and logs alike. The following table
illustrates the old vs. new approach to data and how it impacts modern
software development.
Can I stop juggling?
When ITOps and engineering teams have to juggle multiple monitoring tools,
it leads to increased complexity, fragmented data, inefficient workflows,
limited visibility and higher costs. Reducing “swivel-chair” operations means
you can respond to the most urgent issue first.
j With Splunk ITSI, ITOps teams can monitor the health scores of critical
business services and drill down into incidents to remediate, all from
one dashboard.
How does it improve collaboration and communication across teams?
Siloed teams are often frustrated with the lack of knowledge of changes to
the app or infra that may be responsible for problems, because it makes it
difficult-to-coordinate incident response.
j With Splunk, teams can view a unified and holistic picture of their
application and infrastructure health. Shared visibility can help break
down silos and promote collaboration between different teams, such as
development, operations and security.
j Splunk provides rich contextual data and insights, such as logs, metrics
and traces, which can help teams quickly identify and diagnose issues. This
information can be shared across teams, enabling better collaboration and
problem solving.
j Splunk supports collaboration workflows, such as shared dashboards,
alerts and reports. This helps teams share information and coordinate
efforts in real time.
Does it provide holistic visibility of machine data, logs and events —
regardless of source?
Organizations grapple with too many disparate systems and tools that
create data silos, each monitoring a layer of the stack, but failing to see the
system as a whole which inhibits the holistic visibility required to detect and
resolve an incident, often swiveling between disparate views to conduct their
analysis. In addition, when other tools are implemented, logs often roll off and
expire prior to investigation, resulting in incomplete data.
j Splunk Platform enables ITOps teams to tackle data sprawl that is driven
by digital transformation initiatives. Within our extensible platform, ITOps
teams can bring together data from across their organization’s hybrid or
multi-cloud technology estate, and do it at scale.
j Data stored at full fidelity allows customers to analyze current and
historical incidents.
j Splunk Platform provides holistic visibility of organization’s machine data,
logs and events regardless of source.
“Splunk Observability Cloud captures all the logs, metrics and
traces in a way that allows us to understand any event across our
platform, so we can ask questions and get answers.”
—M
 att Coddington, Senior Director of DevOps Engineering, Care.com
Observability Buyer’s Guide | Splunk 8
 Others
Logs and • Ideal for static reporting
machine • Structured events
data • Pre-defined, normalized
• Filtered, adulterated data
• Limited to known knowns
• ETL into brittle schema
• Enrich at write
• Write SQL & build report
• New questions = re-write & start over
• “Data at rest”
Metrics • Written for VMs and Retrofitted for
Containers
• Infrastructure observability
• Pre-built metrics
• Proprietary Monetized Agents
• Heavy processing post ingestion
• Memory constrained
• Pre-defined metrics
• Limited to known knowns
• Batch Analysis
• Human analytics & alert overload
• No or limited logging
Traces • Architected for monolithic apps
• Proprietary heavy client
• Agent-based analytics (snap shots)
• Rigid, pre-defined data tagging
• DB batch analytics (post ingress)
• Correlate data abstractions (guess)
• Container-level within apps only
• High-level analytics
• Legacy/monolith APM
• Limited RUM
• No or limited logging
Splunk Why it Matters
• Ideal for on-demand analytics Agility to quickly adapt to changing business
• Any data conditions, customer needs or market trends.
• Index data “as is” in native format
• Complete, presine raw data
• Unknown unknowns
• Flexible index “Schema-on-the-Fly”
• Enrich at read
• Dynamic Google type search
• Ask anything, anytime
• “Data in motion”
• Natively architected for Micro-services Help DevOps teams quickly identify and
• Business observability resolve issues, improving system reliability
• Pre-built & custom metrics + metadata and reducing downtime.
• Any metrics, any source (i.e. OTEL)
• In-flight real-time analytics
• Highly scalable
• Custom metrics for YOUR business
• Infinite dimensions/high cardinality
• Real-time streaming analytics
• Machine-grade analytics & automation
• Full Splunk integration
• Architected for modern apps Improved visibility, scalability, performance
• OpenTelemetry open standards client and development processes.
• Cloud-based analytics (omniscient)
• Flexible, universal data-tagging
• Real-time streaming analytics & alerting
• Analyze 100% of raw data (facts)
• True microservices
• Granular analytics
• Distributed/microservices APM
• Customer experience end-to-end visibility
• Full Splunk integration
Observability Buyer’s Guide | Splunk 9
Criteria #2: Improving reliability
When you spend less time firefighting you can spend more time fireproofing.
The right observability solution can improve the reliability of ITOps and
DevOps environments and processes on an ongoing basis through proactive
maintenance, early detection and real-time guidance to help identify areas
for improvement.
How will this observability provider help me prevent issues from impacting
my customers?
(Can it make me the superhero that prevents angry tweets before they
start?) Teams are often too busy reacting to problems instead of proactively
fixing issues before they cause more problems. With the right observability
provider ITOps teams enlist AI and ML to detect the patterns that can lead to
degradations in business service KPIs and eventual incidents.
j Splunk IT Service Intelligence (ITSI) helps organizations view live service
performance and forecast future near-term performance. Based on the
real, active application and infrastructure conditions, customers can
optimize services and prevent issues from occurring in the first place.
j Instead of having a set baseline, Splunk ITSI prevents false positives using
adaptive thresholding; this functionality sets thresholds that are tailored to
the particular patterns of your system, based on historical data.
Does it help me learn from the past to be more efficient in the present?
Reinventing the wheel is never a good idea. When incidents arise, knowing
how similar episodes were successfully resolved in the past means teams
don’t need to start from scratch and spend hours reinventing the wheel.
j Splunk ITSI Episode View capability lets teams look for similar episodes,
see what actions were taken to resolve the issue, view any notes on how
the problem was resolved, and track any linked tickets for even more
context about the episode so it can be resolved faster.
“When Lenovo’s site experienced a 300% spike in traffic after
an especially effective promotion, Splunk Observability Cloud
made sure Lenovo’s online shop maintained 100% uptime —
with zero outages or digital crises — and delivered a flawless
shopping experience despite the massive increase in traffic to its
website and mobile app. Splunk is a great investment for us, as
it remarkably improves our operational efficiency and achieves
better team collaboration. Thanks to this great tool, our operations
team troubleshoots issues much faster than ever before.”
— Ben Leong, Director of Operations, Online and E-Commerce Platform, Lenovo
How will it help me reduce alert noise in the future and avoid seasonal
false positives?
There are times when it isn’t business as usual. Public holidays, summer
sales events, tax season and Black Friday are all examples of times when
an increase in web traffic, message rates or service usage can be expected.
When the abnormal is normal, static thresholds can cause a storm of false
positive alerts and accompanying headaches for on-call teams.
j When things are not expected to be normal, Splunk IT Service Intelligence
(ITSI) Custom Threshold Windows lets teams adjust KPI and service
severity levels to proactively avoid false positives and unwanted alerts.
j Splunk ITSI’s adaptive thresholding learns the normal behavior of
applications and supporting infrastructure, such as differences in
weekends vs. weekdays, and sets thresholds accordingly. Instead of having
a set baseline, this allows for a threshold that is tailored to the particular
patterns of a customer’s system, based on historical data. This AI-driven
approach reduces alert fatigue and helps IT teams direct their energy
towards the most critical issues.
Observability Buyer’s Guide | Splunk 10

“Before using Splunk, we had no visibility into our e-commerce
activity at this granular level. We had to wait until a customer or
someone on our content team noticed it and complained about it.
By that time, we’d already lost money and frustrated customers.
Now, with Splunk, we would see right away what’s causing that
inventory issue, and we could fix the problem so customers could
continue to buy merchandise.”
— Michael Gaskin, Senior DevOps Manager for Global E-Commerce, Puma
Will it point out areas for improvement?
A unified observability solution can be a powerful tool for identifying areas for
improvement within the tech stack and processes — continuously optimizing
the system over time. Make sure it can monitor and analyze data from all
layers of the tech stack and all stages of the development process to identify
issues with individual components, dependencies between components, and
interactions between different stages of the development process.
j Splunk RUM and Synthetics help software engineering teams improve
page loading, interactivity and visual stability, isolate slow third-parties and
eliminate JavaScript errors. With over 300 optimization recommendations
you get real-time guidance on how to immediately improve customer
experience and page performance for every page.
Criteria #3: Business insights
Resilient companies are equipped to make collaborative, well-informed
decisions quickly. But traditional IT monitoring and AIOps tools don’t provide
deep visibility into commercial off-the-shelf (COTS) applications and the
additional services that ITOps teams are responsible for maintaining such as
ERP, warehouse, inventory and supply chain management systems. There is no
centralized location for seeing all the data, much less surfacing relationships
between applications and infrastructure, how these relationships affect
services, and how all of this drives or hinders the priorities of the business.
A unified observability solution can help provide better strategic business
insights by providing a comprehensive view of system performance and user
behavior, allowing you to make data-driven decisions that align with business
goals and objectives.
“A single dashboard provides data for engineering, DevOps,
site reliability engineering, SecOps, peer engineering and
microservices, operations and business metrics. If something
happens at Rappi, and we don’t see it on our Splunk dashboard, it’s
actually not happening at all. Splunk Observability Cloud helps us
make blazing-fast decisions. Ensuring brisk web page loads and
frictionless mobile app transactions has helped Rappi grow to
process more than 8.8 million orders each month.”
— Alejandro Comisario, Executive Vice President of Engineering, Rappi
Observability Buyer’s Guide | Splunk 11

Will it help me understand the business impact of changes?
Teams running applications in cloud native environments and DevOps
practices create business value by deploying new changes and
improvements to customers, faster than ever. While microservices and
Kubernetes add speed and scale, they create an explosion of complex
dependencies from APIs and third parties. Constant change across billions
of components increases the risk for new errors, slowness or outages
that impact service performance, customer experience and ultimately
business outcomes. As teams deploy code, make improvements or launch
new features, they need an observability solution that helps them measure
business output alongside the health of their infrastructure, applications and
end user experience.
j Teams using Splunk Observability Cloud can easily enrich their data with
custom metrics so that they can easily compare how their applications,
infrastructure and end user experience impact their business results.
j Splunk provides out-of-the-box, easily customizable dashboards with a
live view of business service performance relevant to both IT and business
Morning cup of coffee insights for practitioners as well as to the CxO level?
Many observability solutions are created to cater mostly to practitioners.
A good observability platform should either have an extensive prebuilt
collection of dashboards that are ready to service and give full visibility to
the CxO level based on CxO KPIs or it should be easily customizable so the
enterprise can build dashboards and performance metrics that can be useful
to the CxO level. At the end of the day, any good observability tool is about
making informed business decisions during unplanned downtime.
j CxO level executives using Glass Tables in Splunk ITSI can easily visualize
and monitor the interrelationships and dependencies across IT and
business services in one view.
j ITOps using the Service Analyzer in Splunk ITSI can quickly view the status
of IT operations and identify services and KPIs running outside expected
norms. Clicking on any tile in the Service Analyzer will drill down to the
deep dives for further analysis and comparison of search results over time.
“The Splunk Observability Suite helps us see clearly into our
complex environment, allowing us to act based on data so
we can deliver on our mission to help customers build better
products, faster.”
— Glenn Trattner, Chief Operating Officer, Quantum Metric

leaders. This helps IT teams showcase the value they provide to lines of
business, and drives better informed strategic decisions.

Observability Buyer’s Guide | Splunk 12

Pricing and packaging
Observability and monitoring tools are essential for modern software
development and operations. But problems with pricing and packaging can
make it difficult for users to effectively use them and can lead to unexpected
costs, limited flexibility and inefficient workflows. You can avoid this by asking
the right questions early in the vetting process:
Is it easy to understand how much this tool will cost over time?
Some vendors are not transparent about their pricing or their data retention
policies, which can make it difficult for users to understand the true cost
of using a tool over time. This can lead to unexpected charges and make it
difficult for users to plan their budgets.

How complex is their pricing model?
Many observability and monitoring tools have complex pricing models that
make it difficult for users to understand how much they will have to pay.
Some tools charge per host, per container, or per metric, while others charge
based on the volume of data ingested or the number of alerts generated. This
makes it challenging for users to accurately estimate their costs and plan
their budgets.
j Unlike competitors, we do not adjust license cost by host RAM size — so
it doesn’t matter what size RAM your cloud VMs are with Splunk (8, 16, 32,
64gb) — we are the same cost across all.
j OpenTelemetry native solutions like Splunk are more cost effective over
time because they don’t require licensing fees and your staff doesn’t have
to spend time learning proprietary agents before they can be effective.

j Splunk Observability Cloud is one unified solution, priced on a single

metric — hosts. It doesn’t get less complex than this.

How do I avoid vendor lock-in and how does this vendor support
customization I may require down the road?
Many observability and monitoring tools are offered as a package deal,
making it difficult for users to switch vendors or use only the parts of the
tool that they need. This can lead to vendor lock-in, where users are tied to a
specific vendor and have limited options for customization and flexibility.

j Splunk offers observability at flexible and predictable pricing for any

environment, at any scale.

• Splunk Observability Cloud can be consumed as a single, all-in-one cloud

solution or as stand alone products and expand to fit your needs.
• Splunk ITSI can be deployed on-premises, in the cloud or in a hybrid
environment, providing flexibility in terms of cost and performance.

Observability Buyer’s Guide | Splunk 13

Who can help me get up and running quickly?
Many observability and monitoring tools are complex and difficult to set up
and configure. Effective onboarding services can help users to get up and
running quickly and efficiently, ensuring that teams are able to maximize the
value of their observability solution.

j Splunk’s Observability Cloud Smart Start Accelerator is a packaged

solution designed to jumpstart your ability to deploy, adopt and realize
value faster with Splunk. With expert-led guidance, you’ll establish best
practice processes for self-service onboarding allowing you to accelerate
outcomes, optimize solutions faster and pivot quickly to discover new
capabilities — the key to enterprise resilience.
j Splunk Professional Services accelerates delivery of your Splunk
Observability solution to achieve unparallelled platform visibility faster,
shorten your time to value and maximize business impact. With experience
implementing observability solutions across the globe for customers in
different verticals and at all sizes, our Splunk consultants are there to assist
and guide you on architecture, best practices and product enablement
at every stage of your implementation. Our global network of consultants
have a direct line to our product and development and support teams to
quickly get answers to drive a rapid time to value from your observability
cloud investment.
j From short technical guidance interactions to strategic technical planning,
Splunk subscription services have you covered. Technical help is available
with OnDemand Services, which provides focused guidance sessions
across Splunk products. Looking for more strategic technical planning
help? The Assigned Expert service provides you dedicated technical
account management to help optimize your Splunk Observability Cloud
environment for use case enablement aligned to your business goals
and objectives.

Observability Buyer’s Guide | Splunk 14

Partnering with the right vendor
The right observability vendor will feel like an extended member of your team
and organization. While vetting a potential partner, ask yourself some questions
about what you want to get out of the partnership.
• Community and ecosystem
Evaluate the size and vibrancy of the vendor’s community and ecosystem.
Look for evidence of an engaged user community, a robust partner network
and a commitment to collaboration and knowledge sharing.
j Splunk has a large and active user community and provides comprehensive
support and training resources. This can reduce the need for expensive
vendor support contracts.
• Avoid limited integrations
Some observability and monitoring tools are limited in their ability to integrate
with other tools or platforms. This can make it difficult for users to get a
complete view of their systems and applications, leading to blind spots and
making it challenging to identify and diagnose issues.
j Splunk Observability integrates easily with the existing solutions ITOps
and engineering teams already have so that any problem is detectable and
effectively communicated.
j Splunkbase powers Splunk Observability customers with over 2,800 apps
(most of these are free). It offers a wide range of content — including apps,
add-ons, dashboards and more — that can help observability customers get
more out of their Splunk deployment.
j Lastly, combining the capabilities of Splunk Observability Cloud, Splunk
Cloud and Enterprise platforms empowers customers with a holistic,
cost-effective and reliable technology platform for all their IT and
engineering needs
• Company history and reputation
Research the vendor’s history and reputation in the market. Look for evidence
of stability, growth and a commitment to customer success.
Observability Buyer’s Guide | Splunk 15
Splunk’s analyst recognition
• A Leader and Fast Moverin GigaOm Radar for Observability • A Leaderin Quadrant Knowledge Solutions’ SPARK Matrix for
Cloud Solutions, 2023 ITIM Tools, 2022
• A Leader and Forward Moverin GigaOm Radar for Incident & Task • A LeaderIn Quadrant Knowledge Solutions’ SPARK Matrix for
Management Solutions, 2022 Cloud Observability, 2022
• A Leader and Outperformerin GigaOm Radar for AIOps Solutions, 2022 • A Market LeaderResearch In Action’s Vendor Selection Matrix for
• A Leaderin GigaOm Radar for APM Solutions, 2021 Observability Platforms, 2022

• A Visionaryin 2022 Gartner® Magic Quadrant™ for Application • A Market LeaderResearch in Action’s Vendor Selection Matrix for
Performance Monitoring and Observability1 AIOps Platforms, 2022

• A Strong Performerin Forrester® Wave™ for AI for IT • A Notable Vendorin Constellation ShortLists for Observability,
Operations Solutions, 20222 AIOps & Incident Management, 2022

• #1 by Market Sharein Gartner® Market Share Analysis: ITOM, Health and • A Market LeaderOmdia Universe for AIOps, 2021-22
Performance Analysis Software, Worldwide, 2021 (published 2022)3 • Top 3 Vendorin EMA Code-Level Observability Award, 2021
• Ranked #1 Market Sharein IDC Worldwide IT Operations Analytics
Software Market Shares, 2021: Market Growth Accelerates, 20224

1 Gartner® Magic Quadrant™ for Application Performance Monitoring and Observability (June 2022)
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and MAGIC QUADRANT is a registered trademark of Gartner, Inc. and/or its affiliates and are
used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors
with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner
disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

2 The Forrester Wave™: Artificial Intelligence for IT Operations, Q4 2022 (December 2022)
3 Gartner® Market Share Analysis: ITOM, Health and Performance Analysis Software, Worldwide, 2021 (October 2022)
4 IDC Research: Worldwide IT Operations Analytics Software Market Shares, 2021: Market Growth Accelerates (doc #US49609921, September 2022)

Observability Buyer’s Guide | Splunk 16

The most important thing to us is our customer’s success

Observability Buyer’s Guide | Splunk 17

Solve problems in seconds with
the only full-stack, analytics-
powered observability solution.
Check out A Beginner’s Guide to Observability
to learn how observability is different from simple
monitoring. Get started in seconds with a free trial.

Get Started

Splunk, Splunk> and Turn Data Into Doing are trademarks and registered trademarks of Splunk Inc. in the United States and
other countries. All other brand names, product names or trademarks belong to their respective owners. © 2023 Splunk Inc.
All rights reserved.

23-183155-Splunk-Observability Buyers Guide-EB-108