Splunk Outage History

Splunk is up right now

Splunk had 15 outages in the last 2 years totaling 716h 32m of downtime — averaging 0.6 incidents per month.

There were 15 Splunk outages since August 19, 2025 totaling 716h 32m of downtime. Each is summarised below — incident details, duration, and resolution information.

Source: https://status.splunkcloud.com

Minor May 28, 2026

DNS synchronization issue affecting HEC dash DNS records | #cinc-66607_cloud_multiple(Degraded Performance)

Detected by Pingoru
May 28, 2026, 06:22 AM UTC
Resolved
May 28, 2026, 07:21 AM UTC
Duration
59m
Affected: Ingest Processor
Timeline · 2 updates
  1. identified May 28, 2026, 06:22 AM UTC

    Some customers are experiencing ingestion issues due to a DNS synchronization issue affecting HEC dash DNS records using the format http-inputs-${stack}.splunkcloud.com. HEC ingestion using the current dot-format DNS records, http-inputs.${stack}.splunkcloud.com, is functioning correctly. As a mitigation, customers using the dash-format HEC endpoint should update their upstream systems to use the dot-format endpoint: http-inputs.${stack}.splunkcloud.com. Our engineering teams are working to restore the affected DNS records through Zone DNS synchronization. We will provide another update once DNS synchronization has completed or if there is a meaningful change in impact.

  2. resolved May 28, 2026, 07:21 AM UTC

    Some customers experienced traditional HEC ingestion issues due to a DNS synchronization issue affecting HEC dash DNS records using the format http-inputs-${stack}.splunkcloud.com. HEC ingestion using the current dot-format DNS records, http-inputs.${stack}.splunkcloud.com, is functioning correctly. This issue was resolved for affected customers by 07:00 UTC.

Read the full incident report →

Minor May 28, 2026

AWS Privatelink unable to receive HEC data with multiple AWS regions impacted | #cinc-66607_cloud_multiple_privatelink (Major Outage)

Detected by Pingoru
May 28, 2026, 01:31 AM UTC
Resolved
May 28, 2026, 01:43 AM UTC
Duration
11m
Affected: Ingest Processor
Timeline · 5 updates
  1. identified May 28, 2026, 12:15 AM UTC

    We’re investigating an issue affecting some customers hosted in ap-northeast-1, eu-central-1, and us-east-1. Impacted Splunk Cloud Platform customers in these regions may experience access issues. Our teams are actively working to restore service, and we’ll share updates as more information becomes available

  2. monitoring May 28, 2026, 01:27 AM UTC

    A mitigation has been successfully applied across the fleet. Engineering teams are actively monitoring to confirm service has been fully restored and to ensure no further interruptions occur.

  3. identified May 28, 2026, 01:31 AM UTC

    We identified an issue caused by an internal change on May 26, 2026, that impacted ingestion through a PrivateLink. A fix has been identified, released and is currently rolling out. Some customers may continue to experience impact while the fix is being applied. We’ll provide another update once rollout is complete. Our teams are actively working to restore service and will provide another update as soon as more information is available

  4. monitoring May 28, 2026, 01:41 AM UTC

    A fix has been implemented and we are monitoring the results.

  5. resolved May 28, 2026, 01:43 AM UTC

    The incident has been resolved. Our investigation determined that an internal configuration change began impacting service at 20:34 UTC on May 27, 2026. A fix was developed and rolled out beginning at 23:45 UTC, with full remediation completed by 03:45 UTC on May 28, 2026. We apologise for any inconvenience this caused and appreciate your patience while our teams worked to restore service.

Read the full incident report →

Critical May 4, 2026

Search outage | CINC-66213 (Major Outage)

Detected by Pingoru
May 04, 2026, 06:19 PM UTC
Resolved
May 04, 2026, 08:41 PM UTC
Duration
2h 22m
Affected: Search
Timeline · 6 updates
  1. identified May 04, 2026, 06:19 PM UTC

    We are currently addressing a major service disruption affecting search performance, which began at 16:34 UTC. Users may experience degraded search performance and intermittent UI errors. Our engineering teams have identified the root cause and are actively working to deploy a resolution. We are monitoring the situation closely and will provide further updates as they become available.

  2. identified May 04, 2026, 06:49 PM UTC

    We are observing service recovery for the majority of our customers. Our engineering teams are actively investigating and addressing the remaining isolated cases where service has not yet been fully restored. We will continue to monitor the environment closely until all services are operating at normal capacity.

  3. monitoring May 04, 2026, 07:09 PM UTC

    We have implemented a fix for this issue. During this time we are monitoring the results to confirm the resolution and will continue to provide any additional updates once available.

  4. monitoring May 04, 2026, 07:38 PM UTC

    We are continuing to monitor for any further issues.

  5. monitoring May 04, 2026, 08:04 PM UTC

    We are continuing to monitor the restoration of services for the majority of our impacted customers. Our teams are working diligently to resolve remaining issues for any users who have not yet seen a full return to normal service. We will continue to monitor the environment closely until all services are fully operational.

  6. resolved May 04, 2026, 08:41 PM UTC

    This incident has been resolved.

Read the full incident report →

Notice May 2, 2026

Internal IT issue (Major Outage)

Detected by Pingoru
May 02, 2026, 01:44 AM UTC
Resolved
May 02, 2026, 08:01 AM UTC
Duration
6h 17m
Affected: LoginIngest ProcessorSearchIndexInfrastructure
Timeline · 3 updates
  1. investigating May 02, 2026, 01:44 AM UTC

    We are currently experiencing an internal IT service disruption. As a result all planned maintenance activities scheduled are being paused/canceled and we will provide further updates as more information becomes available.

  2. monitoring May 02, 2026, 03:01 AM UTC

    The issue is currently stable, and teams are continuing to monitor service behaviour closely. We will continue to provide updates until the issue is fully resolved.

  3. resolved May 02, 2026, 08:01 AM UTC

    This incident has been resolved.

Read the full incident report →

Major April 9, 2026

Service Advisory: KVservice issues impacting Enterprise Security search performance

Detected by Pingoru
Apr 09, 2026, 01:04 AM UTC
Resolved
Apr 09, 2026, 01:25 AM UTC
Duration
21m
Affected: Search
Timeline · 3 updates
  1. investigating Apr 09, 2026, 12:10 AM UTC

    Our engineering team has identified an issue with the KVservice that is currently impacting search performance for ad-hoc, saved, and scheduled searches. Additional symptoms may include, but not limited to: - Inability to save searches within the Enterprise Security (ES) application. - Errors when attempting to update application settings, such as credentials. This is an active investigation. We are working to resolve this as quickly as possible and will provide status updates as more information becomes available. We apologize for any inconvenience this may cause.

  2. identified Apr 09, 2026, 01:04 AM UTC

    Our engineering teams have narrowed the scope of the issue: Any search utilizing the KV Services were failing. This impact extended to the Mission Control and Analyst Queue dashboards. Additionally, we have identified the root cause and are actively mitigating the impact. Once mitigation is complete, we will continue to monitor the environment to ensure service stability for all users. We will continue to provide status updates as more information becomes available. We apologize for the inconvenience and appreciate your patience.

  3. resolved Apr 09, 2026, 01:25 AM UTC

    Our engineering team has successfully implemented the fix for the KVservice issue. We have monitored the environment and can confirm that there are no recurring errors. All searches and dashboards within the Enterprise Security (ES) application are now fully operational. If you continue to experience any issues related to this incident, please contact us by submitting a support case. We apologize for the inconvenience this may have caused and appreciate your patience as we worked to restore service.

Read the full incident report →

Minor March 3, 2026

Cloud Provider Outage Affecting UAE Region

Detected by Pingoru
Mar 03, 2026, 06:07 PM UTC
Resolved
Mar 25, 2026, 05:27 PM UTC
Duration
21d 23h
Affected: LoginIngest ProcessorSearchIndex
Timeline · 4 updates
  1. identified Mar 03, 2026, 06:07 PM UTC

    Cisco is aware of an ongoing cloud service provider outage in the Middle East affecting multiple cloud offers and services. As a result, Login, Search and Ingest may be impacted for customers in the affected region. Cisco and Splunk are exploring what options are available for affected customers and will contact those affected customers directly. We will continue to closely monitor this issue as it unfolds.

  2. identified Mar 04, 2026, 10:31 PM UTC

    Cisco is aware of an ongoing cloud service provider outage in the Middle East affecting multiple cloud offers and services. As a result, Login, Search and Ingest may be impacted for customers in the affected region. Cisco and Splunk are exploring what options are available for affected customers and will contact those affected customers directly. We will continue to closely monitor this issue as it unfolds.

  3. identified Mar 11, 2026, 03:45 PM UTC

    Cisco is aware of an ongoing cloud service provider outage in the Middle East affecting multiple cloud offers and services. As a result, Login, Search and Ingest may be impacted for customers in the affected region. Cisco and Splunk are exploring what options are available for affected customers and will contact those affected customers directly. We will continue to closely monitor this issue as it unfolds.

  4. resolved Mar 25, 2026, 05:27 PM UTC

    Cisco has confirmed that the impact of the cloud service provider outage in the Middle East has been mitigated. Cisco engineers have successfully transitioned affected services out of the region. We have identified all affected customers and will be reaching out to each of you individually to discuss specific next steps and any necessary remediation. A proactive support case has been opened on your behalf to coordinate this effort. If you have any immediate concerns, please reach out to your account team or simply reply to your support case. Cisco appreciates your patience and cooperation on this matter.

Read the full incident report →

Critical November 18, 2025

Multiple Services Outage

Detected by Pingoru
Nov 18, 2025, 12:52 PM UTC
Resolved
Nov 18, 2025, 09:52 PM UTC
Duration
9h
Affected: Infrastructure
Timeline · 8 updates
  1. investigating Nov 18, 2025, 12:52 PM UTC

    We are currently experiencing a KVService outage impacting services. Our teams are actively working to resolve the issue. We will provide an update within the next 60 minutes.

  2. investigating Nov 18, 2025, 02:01 PM UTC

    We are currently experiencing a global outage impacting multiple Splunk services including Vault, KVService, Identity and Access Control (IAC), Splunk Mobile app, VictorOps, and Ingest processor, Edge processor. Customers may experience service disruptions such as login failures, lookup access issues, and degraded performance. We acknowledge the impact and are actively working with our partners to restore full service.

  3. investigating Nov 18, 2025, 03:30 PM UTC

    We are still investigating the issue. Customers may experience service disruptions such as login failures, lookup access issues, and degraded performance. We acknowledge the impact and are actively working with our partners to restore full service.

  4. monitoring Nov 18, 2025, 04:34 PM UTC

    Splunk continues to monitor and remediate the services affected by this issue. Several services remain impacted; however, they are currently in a recovering state. We do not have an ETA for full recovery at this time, but our teams are working to restore services as quickly as possible. We appreciate your continued patience.

  5. monitoring Nov 18, 2025, 05:27 PM UTC

    Several Splunk services are still in a recovering state. Our teams continue to monitor progress and work through remaining backlogs to fully restore functionality. We will provide further updates as recovery advances.

  6. monitoring Nov 18, 2025, 06:24 PM UTC

    All impacted Splunk services are back up, with a few still in recovery and monitoring. Our teams continue to work through remaining backlogs and validate full functionality across all components.

  7. monitoring Nov 18, 2025, 09:20 PM UTC

    All impacted Splunk services are back up, with Ingest Processor still in recovery and monitoring. Our teams continue to work through remaining backlogs and validate full functionality across all components.

  8. resolved Nov 18, 2025, 09:52 PM UTC

    All impacted services have been fully remediated. Systems are operating normally, and no further impact is expected. We will continue to monitor to ensure full service stability. Thank you for your patience throughout this incident.

Read the full incident report →

Critical November 4, 2025

Login unavailable | CINC-63161 | Major Outage

Detected by Pingoru
Nov 04, 2025, 05:42 PM UTC
Resolved
Nov 04, 2025, 08:21 PM UTC
Duration
2h 39m
Affected: Login
Timeline · 6 updates
  1. investigating Nov 04, 2025, 05:42 PM UTC

    We are aware that some customers are currently experiencing issues logging in to the Splunk Cloud Platform. Our technical teams are actively engaged and investigating the root cause. We are working to resolve this as quickly as possible and will provide further updates as more information becomes available.

  2. investigating Nov 04, 2025, 06:12 PM UTC

    We are continuing to investigate this issue.

  3. investigating Nov 04, 2025, 06:41 PM UTC

    We are continuing to investigate this issue.

  4. identified Nov 04, 2025, 06:59 PM UTC

    The issue has been identified and a fix is being implemented.

  5. monitoring Nov 04, 2025, 07:42 PM UTC

    A fix has been implemented and we are monitoring the results.

  6. resolved Nov 04, 2025, 08:21 PM UTC

    This issue has been resolved. Teams will now begin their root cause analysis. If you believe that you are still impacted by this issue please contact customer support and reference CINC-63161.

Read the full incident report →

Major October 24, 2025

Lookups failing for KVService | CINC - 62975 | Major Outage

Detected by Pingoru
Oct 24, 2025, 03:42 PM UTC
Resolved
Oct 25, 2025, 07:00 AM UTC
Duration
15h 18m
Affected: SearchIndex
Timeline · 7 updates
  1. investigating Oct 24, 2025, 03:42 PM UTC

    We are investigating a potential issue with KVService, that may impact several Splunk cloud platform customers in eu-central-1. As a result of this issue, customers are experiencing lookups failing to complete. We will provide an update within the next 30 minutes.

  2. investigating Oct 24, 2025, 04:08 PM UTC

    We are continuing to investigate this issue.

  3. investigating Oct 24, 2025, 04:40 PM UTC

    We continue to investigate the issue with KVService, that may impact several Splunk cloud platform customers in eu-central-1. As a result of this issue, customers are experiencing lookups failing to complete as well as errors within Splunk applications that depend heavily on KVService.

  4. investigating Oct 24, 2025, 05:30 PM UTC

    We are continuing to investigate this issue.

  5. identified Oct 24, 2025, 06:01 PM UTC

    The issue has been identified and a temporary fix is implemented.

  6. monitoring Oct 24, 2025, 06:42 PM UTC

    A fix has been implemented and we are monitoring the results.

  7. resolved Oct 25, 2025, 07:00 AM UTC

    This incident has been resolved after applying the fix.

Read the full incident report →

Minor September 22, 2025

Splunk Mobile app cannot connect to Splunk Secure Gateway

Detected by Pingoru
Sep 22, 2025, 10:15 AM UTC
Resolved
Sep 22, 2025, 07:09 PM UTC
Duration
8h 53m
Affected: Login
Timeline · 4 updates
  1. investigating Sep 22, 2025, 10:15 AM UTC

    We have identified an issue with the Splunk Mobile app not being able to connect to Splunk Secure Gateway. This issue ONLY affects the mobile apps, and not customer's Splunk Enterprise/Splunk Cloud instances. Your patience is greatly appreciated and we will provide more updates as we investigate and work on a fix for the issue.

  2. identified Sep 22, 2025, 12:06 PM UTC

    The issue has been identified and a fix is being implemented. Please note that the issue ONLY affects the Splunk mobile app, and not customer's Splunk Enterprise/Splunk Cloud instances.

  3. identified Sep 22, 2025, 02:58 PM UTC

    A fix has been identified and is being currently implemented. Please note that the issue ONLY affects the Splunk mobile app, and not customer's Splunk Enterprise/Splunk Cloud instances.

  4. resolved Sep 22, 2025, 07:09 PM UTC

    A software fix has been provided for release to consumers. iOS version 2.44.0 is ready and available for customer download via the App Store. Android version 2.43.1 is awaiting review and will be released in the upcoming days. Affected customers should update to the fixed app version as soon as it is available. Please note that the issue ONLY affects the Splunk mobile app, not customers' Splunk Enterprise/Splunk Cloud instances.

Read the full incident report →