Splunk this week is announcing three new products around data fabric, security and observability powered by Agentic AI at its .conf25 event.

The company, which was acquired by Cisco in March 2024, announced Cisco Data Fabric, designed to unlock siloed and fragmented machine data — from the edge, cloud and hybrid environments — to provide organizations with actionable intelligence upon which better decisions can be made.

According to the company, the capabilities include a time series foundation model for pattern analysis of time series data to detect anomalies and their root causes across the Data Fabric; borderless real-time search and analysis; and an open architecture that adapts to any environment with open standards.

The company also announced Splunk Federated Search for Snowflake, which enables organizations to combine data across Splunk and Snowflake environments.

Cisco Elevates the SOC with Agentic AI for Faster Threat Response and Reduced Complexity

Cisco has introduced Splunk Enterprise Security Premier and Splunk Enterprise Security Essentials, an agentic AI-powered SecOps solution. A Security Essentials package includes Splunk Enterprise Security 8.2, Splunk AI Assistant in Security and Detection Studio. The Security Premier package includes Enterprise Security 8.2, AI Assistant, Splunk SOAR, Splunk UEBA and Detection Studio.

The Enterprise Security editions use AI agents to prioritize and explain alerts, to reverse explain malware line by line, and to translate natural language intent into functional SOAR playbooks, the company said.

Cisco also unveiled a series of AI features to power the agentic SOC of the future, where analysts focus on strategic decision-making and AI handles routine tasks. These offerings include bringing eBPF into Splunk for visibility across workloads and the ability to view security analytics on firewall logs stored in Security Analytics and Logging.

Splunk Supercharges Observability with Agentic AI for Real-Time Business Insights

Cisco unveiled agentic AI-powered Splunk Observability that unifies observability across environments, surfaces business insights, and extends visibility into the performance of those AI agents.

Those agents collect telemetry, find issues, identify the causes of those issues, and apply fixes. Innovations in Splunk IT Service Intelligence include setting up automated alert grouping and correlation, and providing trends, impact and root cause from those grouped alerts to enable faster troubleshooting.

Splunk tools also help teams monitor their AI application stacks, including agents, LLMs, and AI infrastructure, through the use of unified observability. Cisco does this by bringing Splunk AppDynamics and Splunk Observability Cloud together for visibility across three-tier and microservices, as well as integrating with Cisco ThousandEyes to find the network’s impact on application performance and user experience.