Cisco introduced Splunk Federated Search for Snowflake, a new integration within the Splunk Platform that enables organizations to connect, query, and unify operational and business data across both environments. Through this collaboration with Snowflake, the AI Data Cloud company, Cisco reinforces its commitment to open data ecosystems and supports faster, deeper insights from enterprise data.
In the agentic AI era, organizations face an unprecedented surge in data volumes and sources, with critical information scattered across multiple platforms. Unified visibility across diverse data sources is essential to meet security, observability, and operational objectives. Splunk Federated Search for Snowflake directly addresses this challenge by enabling teams to query Snowflake data from within the familiar Splunk interface, enrich it with Splunk data, and drive new levels of analytics and insights.
“Splunk Federated Search for Snowflake makes it simple for customers to access and act on their data, uniting business and operational insights in one view,” said Kamal Hathi, SVP and GM, Splunk, a Cisco company. “Together with the Snowflake integration, we’re creating a more open ecosystem to help organizations use data to make faster decisions, accelerate innovation, and deliver more trusted customer experiences.”
“Our integration with Splunk extends Snowflake as a trusted platform for unifying and simplifying data access at scale,” said Carl Perry, Head of Analytics, Snowflake. “Through the integration, Snowflake and Splunk will be able to more effectively connect data and break down silos for our joint customers. This makes it easier for organizations to harness business and operational data, enabling insights to flow to where they are needed most to power data insights and AI innovation at scale. This integration will give enterprises the power to drive faster data-driven decisions and will help them stay ahead in the AI era where data is paramount.”
Splunk Federated Search for Snowflake: Unified Data, Unmatched Flexibility
With Splunk Federated Search for Snowflake, users will use the Splunk interface to perform queries on Snowflake data and seamlessly join it with data already in Splunk. This enables teams to set business context for critical ITOps, SecOps, and engineering use cases, eliminating data silos and accelerating issue detection, triage, and resolution.
Key capabilities include:
- Easy onboarding: Seamlessly add Snowflake as a data source in Splunk.
- Federated query experience: Write SPL-like queries to search Snowflake data directly from Splunk.
- Powerful data joins: Use next generation Splunk Federation capabilities to combine Snowflake and Splunk datasets for deeper business context and insight.
- Efficient querying: Leverage Snowflake analytics for partial query and perform final data joins in Splunk.
Live Demo at Splunk .conf25
See Splunk Federated Search for Snowflake in action at Splunk .conf25, where Splunk and Snowflake will showcase a live demonstration of how the integration bridges operational and business data using both AWS S3 and Snowflake as federated data sources. This demo highlights how organizations can break down data silos, accelerate triage, and make more informed decisions while maintaining the unique strengths of both platforms.
Availability
For Splunk Cloud AWS commercial customers, Splunk Federated Search for Snowflake will become generally available globally in July 2026.
To learn more about the Cisco introduction to Splunk Federated Search for Snowflake, visit the website here.
Related News:
Cisco Research: AI Drives Architectural Shift Amid Infrastructure Strain
