Splunk ITSI Integrates with Red Hat Ansible for Automated ITOps

• Splunk IT Service Intelligence now connects with Red Hat Event-Driven Ansible via a free add-on.
• The integration automates IT incident response, aiming to cut mean time to resolution (MTTR).
• Available through Splunkbase, the add-on uses webhooks or Kafka for real-time data delivery.

New Integration Targets Automated Incident Response

Splunk IT Service Intelligence (ITSI) and Red Hat Event-Driven Ansible are now linked by a free add-on, enabling IT operations teams to automate responses to incidents and alerts. The integration, announced ahead of Splunk’s annual .conf25 event, is designed to help organizations respond faster and more consistently to IT issues, leveraging artificial intelligence for operations (AIOps) and automation.

How the Integration Works

The Red Hat Event-Driven Ansible Add-on for Splunk, available on Splunkbase, connects Splunk ITSI’s observability and analytics capabilities with Ansible’s automation platform. When Splunk ITSI detects an incident or anomaly, the add-on can trigger automated actions in Ansible using a receive-decide-respond model. Supported integrations include webhooks and the open-source Kafka system for real-time data streaming.

“This isn’t just about alerts—it’s about outcomes. With Red Hat Ansible, we’re giving Splunk customers a better way to accelerate and simplify automated responses for faster MTTR,” said Anush Jayaraman, Director of Partner Solutions Engineering at Red Hat.

Benefits for ITOps Teams

The combined solution aims to reduce manual intervention, lower the volume of service tickets, and improve mean time to resolution (MTTR). By automating routine tasks such as incident ticket generation or on-call notifications, teams can focus on more complex issues and scale their automation maturity over time. Advanced use cases include building Ansible rulebooks and automating threshold-triggered responses.

For example, in manufacturing, IoT sensors can generate terabytes of real-time data, which Splunk ITSI can monitor for patterns and anomalies. When a potential issue is detected, Event-Driven Ansible can automatically initiate remediation actions, minimizing downtime and operational risk.

Getting Started and Future Plans

Organizations already using Splunk ITSI and Red Hat Ansible Automation Platform can implement the integration immediately. Splunk and Red Hat recommend starting with simple automation scenarios before expanding to more complex workflows. Additional integrations between Splunk and Red Hat products, such as Red Hat OpenShift Container Platform and Advanced Cluster Security for Kubernetes, are also in development.

The companies plan to showcase the new capabilities at .conf25, with live demonstrations and technical sessions for attendees.

Industry Context

The partnership reflects a broader trend in IT operations management, where observability platforms and automation tools are increasingly integrated to enable proactive, AI-driven incident response. Splunk, now a Cisco company, continues to expand its ecosystem through collaborations with key enterprise software providers like Red Hat.