Container environments move fast and often outpace the traditional monitoring tools meant to manage them. That’s why Virtana Container Observability continues to evolve: to give you richer telemetry, smarter alert correlation, and better context across your hybrid estate.

This quarter, we’re introducing two new capabilities that close visibility gaps and extend observability to critical parts of your infrastructure:

  • Windows DHCP and DNS Metrics
  • Alert Ingestion from Splunk Logs

Each of these solves a specific real-world problem. Let’s break them down by capability, benefit, and how to put them into practice.

Windows DHCP and DNS Metrics for Container Observability

How This Helps You:

Windows-based infrastructure still plays a vital role in many hybrid environments, especially for core services like DHCP and DNS. Until now, these services were largely unobserved in container-native monitoring stacks. That gap ends here.

Key Capabilities:

  • Collect and visualize Windows DHCP metrics:
    • Request/response counts
    • Denied responses
    • Allocated vs. released address trends
    • Queue size and service uptime/down status
  • Collect and visualize Windows DNS metrics:
    • Query and response volumes
    • Recursive requests
    • Zone transfer success/failure
    • Service availability and timeout tracking
  • Built-in dashboards for DHCP and DNS metrics
  • SLO-based alerting:
    • Trigger alerts based on response failure ratios
    • Default out-of-the-box alert policies provided
  • DHCP and DNS services modeled as appObjects, linked to running processes on the VM
  • QuickView support for at-a-glance visibility of DHCP/DNS health

Benefits:

  • Reduces blind spots: Brings critical Windows infrastructure into your container observability view
  • Prevents outages: Detect core service failures before they affect application layers
  • Accelerates troubleshooting: Isolate the root cause when latency, lookup failures, or service unavailability occur
  • Unifies hybrid visibility: View Windows and Linux-based services together in a single observability stack

How to Get Started:

  1. Deploy the Alloy Collector on the Windows hosts running DHCP/DNS.
  2. Integrate the collectors with your Virtana Container Observability instance.
  3. Navigate to Dashboards > DHCP / DNS to begin exploring metrics.
  4. Configure or customize alert thresholds as needed.

Pro Tip: Use these metrics to validate IP exhaustion trends, DNS latency, or service degradation that might otherwise be invisible from container or app logs.

Splunk Log Alert Ingestion

How This Helps You:

Not every issue shows up in metrics. Some of the most valuable insights come from logs, but correlating them with the context of infrastructure has historically required manual work. With this new Splunk integration, you can bring critical log-based alerts into Virtana and correlate them with infrastructure telemetry.

Key Capabilities:

  • Integrate Splunk with Virtana via a secure OAuth2-based connection
  • Ingest log-based alerts directly into Virtana
  • Correlate alerts with infrastructure and container-level metrics
  • Remove hardcoded values from alert payloads to support dynamic usage
  • Define correlation policies that connect Splunk alerts with Virtana’s observability framework
  • Complete documentation for installation, configuration, authentication, and troubleshooting

Benefits:

  • Connect logs to infrastructure: Bridge the gap between app-layer issues and the systems they run on
  • Speed up incident triage: Surface log alerts alongside performance metrics to identify root causes faster
  • Enable policy-driven responses: Trigger alert workflows that span logs, metrics, and external integrations
  • Enhance existing Splunk investments: Extend your current logging strategy into the observability space

How to Get Started:

  1. Download and install the Virtana for Splunk app from your Splunk instance.
  2. Set up OAuth2 credentials in Virtana for secure alert ingestion.
  3. Configure Splunk alert policies to send relevant events to Virtana.
  4. Use correlation policies in Virtana to tie those alerts to specific infrastructure or container objects.

Pro Tip: Start with a high-signal alert like API failures or auth errors, then layer in performance and infrastructure data to see full-stack impact.

Why These Features Matter—Together

When combined, these two features give you visibility into both the core services that power your containerized environments and the application-layer behavior that lives in your logs. This expands your observability posture from the infrastructure up to the user impact while maintaining a container-native operational model.

  • Windows DHCP/DNS metrics → Signal from foundational services
  • Splunk alert ingestion → Signal from application-layer logs

Together, they create a more connected, actionable observability stack that supports both SRE workflows and traditional IT operations.

Additional Notes

  • No additional licensing is required to enable these features if you already use Virtana Container Observability.
  • Alert correlation with Splunk is policy-driven—no manual mapping required once configured.

Questions or feedback? Drop us a line; we’d love to hear how you’re using Container Observability.

David McNerney

Director of Product Management
