Gigamon has announced a partnership with Splunk, a Cisco company, aimed at giving organisations unified access to distributed telemetry data without requiring it to be centralised or duplicated.
The companies said Gigamon’s Deep Observability Pipeline will integrate with Splunk Federated Search, which Splunk describes as a core component of Cisco’s Data Fabric powered by the Splunk Cloud Platform. The integration is intended to support security and IT teams dealing with growing data volumes across hybrid and AI-driven environments, where data storage and processing costs can rise as organisations expand visibility and analytics.
According to the announcement, Gigamon’s Deep Observability Pipeline extracts and enriches application metadata from network traffic, including north-south and east-west flows, and produces telemetry that can be consumed by security and observability tools. Splunk Federated Search is designed to let teams query datasets in place across multiple repositories, with the aim of reducing unnecessary data movement.
“Organisations today need deeper, more connected visibility across increasingly distributed environments,” said Seth Brickman, vice president of Product Management for the Splunk Platform, Cisco. “By combining Splunk’s Federated Search capabilities with network telemetry from Gigamon, we’re helping customers gain richer operational and security insights while reducing the cost and complexity of managing large volumes of data. Together, we’re delivering a more flexible and AI-ready approach to data management.”
“As data volumes continue to grow across hybrid cloud and AI-driven environments, organizations need a smarter way to manage telemetry without increasing cost or complexity,” said Srinivas Chakravarty, vice president, cloud ecosystem, at Gigamon. “Together, the Gigamon Deep Observability Pipeline and Splunk Federated Search help customers transform raw network traffic into high-fidelity, actionable telemetry and access it wherever it resides. This approach reduces unnecessary data movement and ingestion costs while improving visibility and enabling earlier threat detection across security and observability workflows.”
The companies said customers can choose where data is stored, including Splunk Cloud Platform indexes, Amazon S3 and Azure Blob Storage, as well as other third-party repositories, while retaining federated access. They positioned the approach as relevant to compliance and data sovereignty requirements, where centralising data can introduce cost, governance, or jurisdictional challenges.
The announcement cited Gartner research claiming that by 2030, 90 percent of new SIEM purchases will mandate federated data and content-first architectures that reject closed ecosystems and proprietary data stores. It also referenced Gigamon’s 2026 Hybrid Cloud Security Survey of more than 1,000 security and IT leaders, reporting that 79 percent are considering repatriating public cloud data to private cloud environments due to security concerns, while 72 percent believe data lakes offer stronger security controls.
Gigamon said its Federated Search App includes pre-built processing pipelines for Splunk Edge and Ingest Processor, federated search templates, and unified dashboards. The companies said integrating Gigamon’s pipeline with Splunk Edge and Ingest Processors enables telemetry to be processed and enriched closer to the source so that only “high-value” telemetry is stored and searched.
The companies said the Gigamon Federated Search solution for Splunk is available now to joint customers via Splunkbase.
