PagerDuty Blog

Splunk.conf 2016 – Where Machine Data Met Incident Resolution

Does PagerDuty Splunk?

A question many asked last week as PagerDuty attended the 7th annual Splunk.conf in Orlando, Florida. To answer that question bluntly, ABSOLUTELY PagerDuty Splunks! Not only do we boast a native integration with the machine learning tool, but we also use it internally to analyze our own data.

Splunk has been a longtime partner of PagerDuty. And why not? They’re the industry leader for machine data. But what happens when Splunk finds that “needle in the haystack” and an on-call engineer needs to know about an incident immediately? Insert, PagerDuty!

How does PagerDuty Splunk?

A fair amount of the conversations on the show floor revolved around how PagerDuty improves what Splunk already does best: presenting big data in a digestible way.

At PagerDuty, we pride ourselves in bridging the gap between your people and your toolset — both of which are continuously changing. At our core, we connect the right people to the right issues in real-time, so naturally, we align with tools delivering this data to those consuming it.

The native PagerDuty + Splunk integration sends alerts to PagerDuty using Splunk’s native webhooks. Splunk and PagerDuty together allow for incident responders to leverage the Splunk alerts framework with one click, through a PagerDuty notification (phone, push, SMS, or email), to save significant time and energy.

As a result of delivering Splunk data directly within an alert, the PagerDuty + Splunk native integration allows you to significantly reduce alert noise across your infrastructure. PagerDuty has the ability to streamline and group incident data within our platform, preventing information overload. The PagerDuty platform allows users to group incidents together into one overall event, in any way that makes sense for them to digest. Additionally, you have to option of bringing in other responders.

PagerDuty drinks the Splunk Kool-Aid too!

Not only does PagerDuty have a native integration with Splunk, we also use Splunk internally. At Splunk.conf, we were able to discuss best practices and demonstrate exactly how we use and built out our own Splunk dashboard.

Partner shows are increasingly important for us. While a fair amount of people attending Splunk.conf were already customers, we were able to show new features sets and improvements within the native integration. Perhaps, an account we speak with at a show is already actively using PagerDuty for incident management, but not with said tool directly.

It’s having conversations engineer-to-engineer that truly allow for us to receive product feedback from practitioners using our tool, to help us improve it. We appreciate those of you who came by the booth and spoke with us. Know that we hear your pains, and we’re here to help! Thank you to our partners at Splunk; you put on a great show, as always. And to the hundreds of you that visit with us at every show just to say, “WE LOVE YOU GUYS…”, thank you! We love you too.

If you want to visualize more, you can check out this awesome video our team put together to highlight the native PagerDuty + Splunk integration. Also, to see what event we’re we’re off to next, check out our events page.

Until next time, happy logging!