We’re making some changes to the team landing page in Splunk Observability, based on your feedback. The landing page for team members now shows content more efficiently, and we’ve also made it easier to find the alerts and dashboards you’re interested in. Alerts The Alerts section is where you can find active alerts from detectors linked to each team. This section now defaults to a compact summary, which you can click on to expand for full details. Dashboards The Dashboards section shows dashboards from groups that have been linked to the team. Dashboards are now listed within their respective dashboard groups, in a stable order. You can search for dashboards or groups by name just as before, and we’ve now added a new control that makes it easy to find just your favorite dashboards, or just dashboards that you created. The Teams feature in Observability is a great way to make it easy to help newer users get started, or to collect content that's relevant to important topics for your organization. Click here to learn more about using Teams in Observability. ... View more

We've updated the look and feel of the team landing page in Splunk Observability.  The team landing page is where you can go to see any active alerts and dashboard groups that have been linked to a team in Splunk Observability. When you use the teams feature, each team can curate the custom dashboards and detectors that appear on their team landing page. For instance, as a team lead I could collect all the dashboards related to the services that my team is responsible for, and link my team's detectors so that any alerts on those services will appear here. This is a good way to help a new team member quickly find useful content.  The old team landing page. The refreshed team landing page contains all the same information it had before -- team name, description, linked alerts and dashboards -- but its look and feel has been updated to better align with other areas of Splunk Observability. Team dashboards are arranged in a searchable, sortable table. We can also directly see the list of alerts linked to our team, in addition to the count.  The team landing page's new look. To create and manage teams, click the Settings icon, then click Teams for a full list of teams in your organization. Click here to read more about teams in Splunk Observability.  ... View more

We've updated the layout of the Settings section of the navigation menu in Splunk Observability Cloud. Settings will now show your organization name, and we've made a little extra space to show your user profile.   Before this change, when you clicked Settings (or the gear icon), you'd see a link to your user profile at the top of the navigation menu, instead of the Splunk logo and organization name that you would see outside of Settings.   We heard from customers that this made it a little hard to open and close the menu, and (from our customers with multiple accounts) that it could be hard to tell which organization's settings they were looking at. To address this, we changed the layout of the Settings section to be consistent with the rest of the navigation menu.     We hope this little change makes your Observability Cloud experience better! ... View more

On Thursday, Aug. 25th, the Splunk Log Observer team is making a change that will speed up most Log Observer and Log Observer Connect queries, which may cause the logs table to show more results than before.  A screenshot of Splunk Log Observer, pointing out the logs table and the group-by control for visual analysis. What’s changing?  Today, the logs table in the Log Observer UI only shows log messages containing the fields that the visual analysis is grouped by. For example, in the screenshot above, the visual analysis is grouped by ‘severity’. On Thursday, Aug. 25th, we will change the logs table to show log messages with or without the fields that have been used to group the visual analysis. After Thursday, Aug. 25th, when you group by a field in Log Observer, the logs table can include messages with or without that field. If you want to ensure that the logs table only shows messages that include the fields that have been used to group the visual analysis, add a filter like “example=*”. To add a filter in Log Observer, click the Add Filter button and search or browse for a field. Click "Include all logs with this field" to add a filter like "severity=*" as shown. Why are we changing it? This change will make the average Log Observer query faster and more efficient. It also makes it easier to understand what Log Observer is doing in each query. The logs table can always be returned to its original behavior by adding filters like “example=*” to the filter bar.  What effects will this change have in Log Observer? After this change, your saved Log Observer queries that group by some field may start to include more results in the logs table than they used to, because the results can now include logs with or without that field.  If you want to ensure that the logs table will only show messages that are included in the groups shown in visual analysis, add a filter like “example=*” to the filter bar to filter by that field.  How does this work today, before the change?  You can use the group by dropdown control in Log Observer to show visual analysis grouped by different fields. Before this change, when you choose a field to group by, Log Observer would only show logs containing that field, in order to ensure that the logs table would not show messages that do not appear in the Visual Analysis area. This original behavior can be restored by adding an explicit filter, like "example=*". About Splunk Log Observer Splunk Log Observer offers a no-code experience for finding and analyzing logs data integrated with Observability Cloud, for fast troubleshooting and adding to Splunk Observability Dashboards. To learn more, sign up for a free trial. — Rebecca Tortell, Principal Product Manager, Observability ... View more