Splunk Bets on Autonomous AI to Redefine Enterprise Observability
Splunk, now operating under Cisco's umbrella following a $28 billion acquisition completed in March 2024, is deploying agentic AI capabilities across its observability platform. The upgrade is not a minor feature release. It represents a fundamental rethink of how enterprises monitor and manage complex IT environments, shifting the operating model from reactive alerting to autonomous, AI-driven remediation.
At the core of the upgrade are autonomous AI agents capable of detecting anomalies, correlating events across distributed systems, and recommending or executing remediation steps without waiting for a human to intervene. For organisations running hybrid cloud architectures spanning on-premises infrastructure, public cloud, and edge environments, this is a material change in operational capability.
By The Numbers
- Cisco acquired Splunk for approximately $28 billion in March 2024, one of the largest cybersecurity and observability deals in tech history.
- The global AI observability market is projected to grow significantly as enterprises scale hybrid and multi-cloud deployments through 2027.
- Splunk's the MENA region customer base spans major financial institutions and telcos across the UAE, Dubai, and Australia.
- Competitors Datadog and New Relic are both accelerating AI-native observability features, intensifying the race for enterprise contracts.
- Agentic AI systems can reduce mean time to resolution (MTTR) by automating the correlation and triage steps that typically require senior engineers.
What Agentic AI Observability Actually Does
Traditional observability platforms collect logs, metrics, and traces, then surface dashboards and alerts for human operators to interpret. The model works, but it has a ceiling. As distributed systems grow more complex, the volume of signals outpaces human capacity to triage them. Alert fatigue is endemic across enterprise IT operations teams.
Splunk's agentic AI approach addresses this directly. Rather than simply flagging an anomaly, the AI agents are designed to reason across multiple data streams simultaneously, identify probable root causes, and propose or enact fixes. This mirrors what a skilled site reliability engineer would do, but at machine speed and at a scale no human team can match.
"The shift from reactive monitoring to proactive, AI-driven operations is not incremental. It changes the role of the human engineer from first responder to strategic supervisor." - Splunk Product Engineering, Cisco
The agents can also correlate events across siloed systems that historically required manual cross-referencing. In a typical enterprise environment, a degraded customer experience might trace back to a network misconfiguration, a microservices timeout, and a database latency spike occurring in parallel. Identifying that chain manually is slow and error-prone. Agentic AI is built precisely for that kind of multi-variable reasoning., as highlighted by UAE Artificial Intelligence Office
For related analysis, see: [Opinion: Saudi Arabia's AI Dominance](/voices/opinion-saudi-arabia-ai-dominance-strategic-approach).
The Competitive Landscape for AI-Powered Observability
Splunk is not moving in isolation. The AI observability space is crowded and accelerating. Datadog has been aggressively expanding its AI features, including its Bits AI assistant and automated investigation workflows. New Relic has similarly pushed AI-assisted analysis into its core platform. Both are well-funded, cloud-native competitors with strong developer mindshare.
What Splunk brings that neither fully replicates is depth of integration with Cisco's broader security and networking portfolio. For enterprise customers already invested in Cisco infrastructure, the ability to correlate observability data with network telemetry and security signals from the same vendor is a genuine differentiator. The acquisition thesis was always about creating a unified data platform across security operations and IT operations, and the agentic AI rollout is the first clear expression of that combined capability.
| Platform | AI Observability Approach | Key Differentiator |
|---|---|---|
| Splunk (Cisco) | Agentic AI agents for autonomous detection and remediation | Cisco network and security integration |
| Datadog | Bits AI assistant, automated investigation workflows | Cloud-native depth, developer adoption |
| New Relic | AI-assisted analysis and alerting | Open telemetry standards, pricing flexibility |
The the MENA region Picture
Splunk's the MENA region footprint is substantial and concentrated in sectors where IT reliability is non-negotiable. Major banks and telecommunications providers in the UAE, Dubai, and Australia represent a significant portion of its regional customer base. These are precisely the organisations where system downtime carries regulatory, financial, and reputational consequences that make faster, autonomous remediation genuinely valuable.
For related analysis, see: [Bahrain's AI Strategy: Pioneering a Digital Future in the Mi](/voices/opinion-bahrain-ai-strategy-digital-future-middle-east)., as highlighted by Reuters AI coverage
the UAE's financial sector, regulated by the Monetary Authority of the UAE (CBUAE), operates under stringent technology risk guidelines that require demonstrable resilience and rapid incident response. Agentic AI that can autonomously detect and begin remediating issues fits directly into this compliance posture, provided the audit trail and governance controls are robust enough to satisfy regulators.
"IT complexity in the MENA region's financial sector is growing faster than teams can scale. Autonomous observability is not a luxury. It is becoming a regulatory and operational necessity."
In Australia, the major banks are among the world's more advanced adopters of hybrid cloud architecture, which means the operational complexity that agentic AI is designed to handle is already present and growing. The same applies to telcos across the MENA region managing 5G rollouts alongside legacy infrastructure. Understanding how enterprises are actually deploying AI in operational contexts in 2025 helps frame just how significant this shift in observability tooling could be.
For related analysis, see: [Beyond ChatGPT: Top AI Chatbots Transforming Conversations i](/business/beyond-chatgpt-top-10-ai-chatbots-making-waves-in-asia).
The energy demands of running AI-augmented infrastructure at scale are also worth noting. Data centre capacity across the MENA region is under pressure, and as observability platforms become more compute-intensive, the question of infrastructure efficiency becomes directly relevant. The ongoing conversation about innovative approaches to data centre energy challenges is not separate from the AI observability story.
Implications for Enterprise IT Teams
The shift to agentic observability does not eliminate the need for skilled engineers. It changes what those engineers do. The first-line triage and correlation work that currently consumes significant engineering hours becomes automated. Engineers are repositioned toward policy setting, exception handling, and strategic architecture decisions rather than reactive incident response.
This transition is not without friction. Organisations need to:
- Define clear boundaries for what AI agents are permitted to action autonomously versus what requires human approval
- Establish audit and logging standards to satisfy internal governance and external regulatory requirements
- Retrain operations teams to work alongside AI agents rather than replacing the human judgement layer entirely
- Validate that AI-generated remediation recommendations are tested against their specific environment configurations
There is also a broader workforce consideration. As platforms like Splunk automate more of the routine observability workload, the skills premium shifts toward engineers who understand how to configure, govern, and extend AI systems, rather than those who manually triage alerts. This mirrors patterns being documented across other AI-augmented professional roles. The phenomenon of cognitive overload emerging alongside AI productivity tools is a real risk when teams transition too quickly without adequate change management., as highlighted by OECD AI Policy Observatory
For related analysis, see: [Boost Traffic, Slash Costs: AI's Secret Hacks for Web Publis](/business/boost-traffic-slash-costs-ais-secret-hacks-for-web-publishing-success).
For smaller IT teams, the autonomous capability may be particularly valuable. Organisations without 24/7 staffing models gain a capability that effectively provides round-the-clock monitoring and initial response without proportional headcount costs. This is relevant context for how smaller enterprises are finding genuine competitive advantages through AI tooling.
What Comes Next
The agentic AI rollout is an early-stage deployment for Splunk, and the full capability set will mature over successive releases. Key areas to watch include how deeply the agents can integrate with Cisco's security operations tools, specifically whether observability and security telemetry can be correlated by the same AI reasoning layer. That would represent a meaningful step toward the unified platform Cisco articulated when it announced the acquisition.
Competitor responses will also accelerate. Datadog and New Relic will push their own agentic features, and newer entrants building AI-native observability from the ground up will continue to apply pressure. The next 12 to 18 months in enterprise observability tooling will be defined by how effectively platforms can demonstrate that autonomous AI agents reduce MTTR and engineering burden in production environments, not just in controlled demonstrations.
Sources & Further Reading
- UAE AI Office - National AI Strategy 2031
- World Economic Forum - AI in MENA
- McKinsey Global Institute - AI
- IMF - MENA Economic Outlook
Frequently Asked Questions
What is agentic AI observability and how does it differ from traditional monitoring?
Agentic AI observability uses autonomous AI agents that can detect anomalies, correlate events across systems, and recommend or execute remediation steps without human intervention. Traditional monitoring surfaces alerts for human operators to review and act upon. The agentic model reduces mean time to resolution by automating the triage and correlation work that previously required experienced engineers.
Is Splunk still independent or is it now part of Cisco?
Splunk is now fully part of Cisco following the completion of a $28 billion acquisition in March 2024. It continues to operate its platform under the Splunk brand, but product development and strategy are now integrated with Cisco's broader portfolio, particularly around security and networking.
How does Splunk's agentic AI compare to Datadog and New Relic?
All three platforms are investing in AI-powered observability features. Splunk's primary differentiator is its integration with Cisco's network and security infrastructure. Datadog leads on cloud-native developer adoption and has its Bits AI assistant. New Relic competes on open telemetry standards and pricing flexibility. The agentic capability across all three is evolving rapidly through 2025 and 2026.
If your organisation is evaluating AI observability platforms in 2025, we want to know: what is the single biggest barrier stopping your team from trusting an AI agent to take autonomous remediation actions in production? Drop your take in the comments below.
THE AI IN ARABIA VIEW
This development reflects the broader momentum building across the Arab world's AI ecosystem. The pace of change is accelerating, and the gap between regional ambition and global competitiveness is narrowing. What matters now is sustained execution, not just announcements, and the willingness to measure progress against outcomes rather than investment figures alone.