Splunk Resolve IT Automation Incident Resolution

Take Automatic Action on Splunk Notable Events

Splunk is a leader in analyzing organizations’ big data, helping IT and network operations teams monitor critical infrastructure, services, and network devices. With this integration, operations teams can improve efficiency and service delivery. Run Splunk queries to help catch issues early, and automatically validate Splunk notable events to save the team from “alert fatigue.” When events and query results point to unfolding incidents, Resolve provides cutting-edge automation, purpose-built for the specific challenges of incident resolution, in the Resolve interface or right in Splunk ITSI. Certified by Splunk, Resolve helps speed and automate responses to the events and incidents Splunk uncovers.

Focus Resources on Real Incidents

Protect the team’s productivity by eliminating false and transient alarms through automated validation

Diagnose Incidents Faster

When you can’t fully automate resolution, empower agents with a view of automated diagnostics

Reduce Incident Escalations

Give agents troubleshooting instructions with embedded automations to help resolve incidents without direct access to critical systems

Detection Meets Resolution

Splunk Detection

  1. Infrastructure Monitoring
  2. Server Monitoring
  3. Virtualization Monitoring
  4. Cloud Monitoring
  5. Business and IT Service Monitoring
  6. Application Monitoring

Automatically Validate, Diagnose, and Resolve

  • Infrastructure Incidents
  • Server Incidents
  • Virtual Infrastructure Incidents
  • Cloud Infrastructure Incidents
  • Core Service Incidents
  • Business Process Incidents

Plus

  • Perform Proactive Server Health Checks
  • Perform Proactive Virtual Machine Health Checks
  • Scan and Provision Cloud Services

Operators can reach Resolve Guided Resolution right within the Splunk ITSI interface

Resolve validates and diagnoses events, giving operators a clear view of system status

Featured Use Cases for IT Operations

When Splunk Alerts, Resolve Takes Action

Splunk Detects

  • Monitor virtual host utilization levels
  • Create Notable Event on threshold breach

Resolve Acts

  • Trigger on new virtual host utilization event
  • Query virtual host utilization
  • Create a support ticket
  • Interrogate virtual cluster
  • Display diagnostic results
  • Provide procedure for virtual server migration

Splunk Detects

  • Monitor customer portal page functionality
  • Create Notable Event on operation failure

Resolve Acts

  • Trigger on new portal page-response event
  • Interrogate for outage and/or performance degradation
  • Create a support ticket
  • Notify response teams

Splunk Detects

  • Monitor for hardware fault
  • Create Notable Event on fault

Resolve Acts

  • Trigger on hardware fault event
  • Identify degraded component
  • Create a support ticket
  • Request component replacement from vendor
  • Schedule server maintenance

Splunk Detects

  • Monitor URL availability
  • Create Notable Event on unresponsive URL

Resolve Acts

  • Trigger on URL-availability event
  • Query service status
  • Create a support ticket
  • Restart service
  • Check availability
  • If unresponsive, escalate ticket

Splunk Detects

  • Monitor hard drive
  • Create Notable Event on low disk space

Resolve Acts

  • Trigger on low disk space event
  • Query disk
  • Create a support ticket
  • Identify removable files
  • Display diagnostic results
  • Provide procedure for file removal

Get Started with Incident Resolution and Automation