InSitzes App for Splunk Cloud

The InSitzes App for Splunk Cloud is a unified monitoring suite that gives administrators actionable insight into ingestion, system performance, workload management, search efficiency, storage, and compute consumption across their Splunk Cloud environment. Rather than hopping between the Cloud Monitoring Console, license pages, and ad-hoc searches, admins get one React-powered dashboard with 12 purpose-built tabs to answer the questions that matter most: Is my environment healthy? Is data flowing reliably? Are searches running efficiently? Where are my SVCs being consumed? How fast is storage growing, and do I have enough capacity to meet demand? The Health tab runs 31 automated checks across 8 categories — System, Ingestion, Data Quality, Search, Compute, Storage, Workload, Forwarding, and Capacity — with weighted severity scoring and a rolled-up environment health score so you know at a glance where to focus. Individual tabs drill into SVC attribution by user, app, search head, provenance and search type; DDAS and DDAA storage utilization and forecasting with an optional Cost Mode; scheduled search skip reasons and wasteful-search detection; WLM filtered, reclassified, and aborted search rates; HEC throughput and SSL connectivity issues; dashboard refresh frequency and chain-search analysis; indexer cache churn and queue health; and license headroom trends. A guided Remediation tab translates every health finding into concrete next steps. All charts render client-side as SVG so dashboards export cleanly to PDF for executive reporting. Ingestion data is read live from _internal license_usage events, eliminating scheduled-lookup maintenance. Pre-built alert saved searches (disabled by default) are included for ingestion anomalies, storage utilization, app updates, large lookup files, and redundant scheduled searches. The app helps teams proactively detect issues, optimize resource usage, and align capacity to real business demand.