Leveraging OpenTelemetry and Splunk: Empowering Indian Organizations in Observability and Security
CXOToday has engaged in an exclusive interview with Dhiraj Goklani, Area Vice President, South Asia | Splunk
How can Indian organisations leverage OpenTelemetry effectively, and how is Splunk helping them realise its benefits?
OpenTelemetry serves as a vendor-neutral standard that empowers organisations to enhance their observability by streamlining data collection and export across systems. By tracking metrics, logs, and traces in real time, teams can diagnose and resolve issues more efficiently, facilitating seamless cloud transitions and building resilient infrastructures.
However, the journey to implementing OpenTelemetry can present challenges, particularly during digital transformation. Common hurdles include managing a variety of telemetry data sources, ensuring robust data security, and addressing skill gaps in telemetry deployment. To effectively navigate these challenges, Indian organisations can start by adopting best practices such as establishing a standardised data collection process, implementing strong access controls, and engaging with OpenTelemetry experts.
Splunk enhances these efforts through its integration with OpenTelemetry, which centralises data and provides AI-driven insights. This enables Indian businesses to swiftly detect performance issues and prevent downtime Additionally, Splunk offers specialist support tailored to each organisation, helping them effectively tackle observability challenges and unlock the full potential of OpenTelemetry.
With the cybersecurity talent gap, how can Splunk AI empower existing security teams and bridge this gap?
India’s cybersecurity job market is booming, driven by a growing demand for skilled professionals as businesses and government agencies enhance their digital operations. According to a recent study, cybersecurity job postings increased by 14% between September 2023 and September 2024. However, this surge in demand is juxtaposed with a significant shortage of around one million cybersecurity professionals in the country, particularly in specialised roles.
Splunk AI offers essential support by combining automation with a human-in-the-loop approach. This approach enables organisations to accelerate investigation, detection, and response while retaining control over how AI is applied to their data. Splunk AI builds on our long-standing expertise in data visibility and years of AI and ML innovation. This enriches the customer experience with domain-specific insights tailored for security and observability use cases.
Rather than replacing human expertise, Splunk AI acts as a co-pilot, quickly delivering facts, summarising events, and prioritising alerts while ensuring that humans remain in control. For instance, Splunk AI Assistants for SPL allow analysts to engage with data using natural language, simplifying complex analyses, and enhancing productivity. When it comes to security, Splunk AI is able to help security teams expedite investigations by summarising events and providing guidance, prioritising alerts to enhance response times. This enables less experienced individuals to contribute effectively, and in turn closing the skills gap.
Can you provide a specific example of how an Indian customer can benefit from Splunk in terms of improved security or observability?
For a major Indian financial institution grappling with increasing regulatory scrutiny, Splunk delivers transformative benefits in both security and observability. Compliance demands have intensified as India’s regulatory landscape tightens, particularly in sectors like BFSI. Per our State of Security 2024 Report, 63% of cybersecurity professionals believe heightened compliance could lead to over-reporting of breaches. Splunk’s capabilities provide a streamlined solution to manage these pressures effectively, enabling organisations to maintain transparency and accuracy in their reporting.
As AI adoption gains momentum, it also creates opportunities for cyber adversaries to launch more sophisticated attacks. Bad actors can leverage AI to create deepfakes and disseminate disinformation, further expanding the attack surface of organisations and public institutions. This trend is especially prevalent among financial institutions in India, which are increasingly vulnerable to cyber threats. Recent data from the Reserve Bank of India (RBI) indicates that in the first half of FY24, there were over 14,000 cases of banking-related scams.
By consolidating event logs, network data, and endpoint information, Splunk empowers this institution to monitor threats in real time and swiftly identify risk patterns. Implementing automated incident workflows significantly reduces response times, enhancing overall security management and minimising regulatory risks.
What key trends will shape the future of observability in the Indian market, and how is Splunk positioned to support these advancements?
Indian organisations are showing a strong commitment to innovation, with 20% emerging as leaders in observability—nearly twice the global average, according to our State of Observability 2024 report. This is evident in the fact that 96% of Indian companies are actively investing in solutions aimed at reducing the time spent by developers on incidents and alerts.
Looking ahead, several key trends are emerging that will shape the observability landscape in India:
- Cloud-native Observability: With more organisations adopting cloud architectures, there’s a growing need for robust end-to-end observability tools. Splunk’s solutions are designed to deliver comprehensive insights into cloud environments, helping organisations manage operations more effectively.
- AI-driven Observability: AI and ML integration is shifting observability into a more predictive field. Splunk empowers teams to resolve issues proactively through anomaly detection and predictive analytics- advancing overall AIOps capabilities.
- Unified Security and Observability: As the threat landscape changes, combining security with observability will allow for faster threat detection. Splunk’s unified solutions offer comprehensive monitoring of both system health and security.
- OpenTelemetry Adoption: The rise of OpenTelemetry is shaping how organisations collect and analyse data. Splunk’s compatibility ensures seamless data collection, giving organisations a unified IT view.
- Digital Experience Monitoring (DEM): As user experience takes centre stage, DEM tools are becoming more vital to enhance customer experiences. Splunk offers two key products: Synthetics and Real User Monitoring (RUM). Synthetics uses synthetic data to proactively identify performance issues, allowing for optimisation in pre-production environments, while RUM provides real-time insights into actual user interactions. By combining proactive and reactive monitoring, organisations can prevent potential issues and refine applications based on real user feedback.
Splunk’s commitment to interoperability and open standards positions us as an ideal partner for enterprises navigating these changes.
How does Splunk’s security portfolio integrate with its observability solutions to provide a holistic view for Indian organisations?
Splunk’s unified security and observability portfolio equips Indian organisations with a comprehensive, holistic view of their IT infrastructure, thereby empowering teams to monitor and protect their systems more effectively. This drives faster detection, investigation, and response to incidents. By correlating security events with performance metrics, Splunk enables organisations to swiftly identify root causes, facilitating immediate remediation. For instance, when a security breach impacts system performance, teams can concurrently assess and address both security and operational concerns, enhancing proactive security management.
Splunk’s solutions are powered by the Splunk Platform, which delivers unparalleled visibility across digital environments at scale. This capability bridges the islands of data within organisations, simplifying data access and visualisation. It also facilitates cross-domain analysis and correlation, ensuring comprehensive oversight of security and operational health. Splunk Observability enables organisations to gain richer insights to monitor critical issues, such as disrupted user transactions and supply chain outages. This empowers ITOps, SecOps and engineering teams to take swift and accurate corrective actions to enhance digital resilience.