Splunk Introduces OpenTelemetry eBPF Instrumentation and Kubernetes Operator at KubeCon EU 2026

Splunk announced several observability capabilities at KubeCon + CloudNativeCon Europe 2026 in Amsterdam, headlined by the beta launch of OpenTelemetry eBPF Instrumentation (OBI) and the general availability of the Splunk Operator for Kubernetes.

OBI is a zero-code observability solution that captures telemetry directly from the Linux kernel to generate distributed traces and RED metrics without requiring code modifications or service restarts. The tool is designed for environments where manual instrumentation is difficult, including applications built in Go, Rust, C++ and legacy codebases, as well as large-scale Kubernetes clusters. OBI integrates with existing OpenTelemetry SDKs to fill visibility gaps without duplicating data.

The Splunk Operator for Kubernetes, now generally available, provides a Kubernetes-native solution for deploying and managing Splunk Enterprise. It leverages Horizontal Pod Autoscalers to automatically adjust indexer capacity based on CPU usage and uses Pod Disruption Budgets to ensure service continuity during node disruptions or maintenance.

Splunk also announced beta support for native log ingestion via the OpenTelemetry Protocol, enabling customers to use a single OpenTelemetry Collector agent to standardize data collection across traces, metrics and logs. The company said the move eliminates the need for additional agents like the Universal Forwarder.

Additionally, Splunk announced enhanced Kubernetes monitoring capabilities that are now generally available. The updates include faster root cause analysis through correlated metrics, logs, events and configurations, as well as direct visibility into YAML manifests to detect configuration drift and new support for monitoring Horizontal Pod Autoscalers.