That incident became the impetus for a consolidation project that Anusha Nataraj, product manager in Cisco IT’s observability team, detailed in a session at Cisco Live.
The project has since reduced major incidents by 25% and produced zero major network outages over the last six quarters. The environment spans more than 1,500 applications, more than 71 of them externally facing, across more than 100,000 endpoints, processing more than 15,000 changes per month. The platform at the center of that consolidation is Splunk, which Cisco acquired in 2024. Cisco IT is now running its own product across its global infrastructure.
“We had the data, we had all the data, but [it’s] just that it was not stitched together, and we couldn’t see it all holistically,” Nataraj said.
The pre-consolidation observability environment at Cisco IT was not a single gap. It was a collection of them. Logs were split across a partial Splunk deployment and Elastic instances. Metrics ran across Prometheus stacks, Grafana stacks and homegrown solutions. Event management ran on a separate homegrown platform. None of these systems fed into each other.
