To channel my inner John Chambers, this is a market adjacency. I.e., a way to expand into a market that complements something they already do. Their security product suite and data analytics tools would all naturally feed into Splunk. Cisco has, at various times, had products in the SIEM space[0], and it isn't unusual[1] for them to build or acquire a few tools in the same category before finding something that is a good product-market fit with some longevity.

0 - See MARS, https://en.wikipedia.org/wiki/Cisco_Security_Monitoring%2C_A...

1 - A few examples: before WebEx, Cisco had MeetingPlace which was partially internally developed and partially built with external hardware and software products. Before Firepower Threat Defense (Snort acquisition,) there was the internally built ASA product line, which developed from the acquired PIX line. In load balancers, they had ACE (internally developed,) replacing CSS/CSM (based off of their Arrowpoint acquisition.) For NAC, they had NAC framework (internally developed, never really took off,) NAC appliance (acquired,) and now ISE (internally developed.) There are many, many, other examples here.

Cisco is pushing hard in the security space.

I'm guessing you know nothing about Cisco other than the fact that they make routers and switches.

That's true.

Given the announcement's emphasis on AI, I assume this is partly about being able to train models on customer data.