Advance your AI solutions with the Splunk App for Data Science and Deep Learning 5.2.1

We’re thrilled to introduce the Splunk App for Data Science and Deep Learning (DSDL) version 5.2.1 - a release that embodies the spirit of innovation for our customers in collaboration with the community and many colleagues. This version is packed with updates that enhance the app experience, making it more intuitive and aligned with your evolving needs for highly customizable AI in the agentic AI era. We hope this release can save you time and spark innovations!

Enhanced LLM Integrations and Search Result Caching

Extended Configurations for your AI stack

One of the standout features in this release are the numerous new configuration options for your custom AI stack. The updated configuration options for customizable LLMs (Large Language Models), embedding models as well as graph and vector databases empower you to tailor AI workflows to suit your specific organizational needs. Whether you're integrating external models or extending to local ones you can add more context retrieved from graph databases or vector stores. These enhancements provide greater flexibility, allowing you to craft solutions that are both powerful and personalized.

Search Result Caching

This feature was designed to store compute-intensive search results in a summary index, enabling quicker access to past search results. Imagine having the ability to instantly retrieve previously processed data without the need to re-run resource-heavy searches. This not only improves efficiency but also supports prompt auditing, ensuring that your data handling processes are both quick and secure reusing native Splunk features.

Unified Data Management and Improved Reliability

Schema Unification

In this version, Schema Unification brings a new level of coherence to the way documents and logs are encoded in vector databases. This enhancement streamlines data integration and retrieval, making it easier to manage large volumes of unstructured and semi-structured data. The result is a more efficient process for encoding and querying data, crucial for advanced search and retrieval augmentation tasks.

Reliability Enhancements

We’ve also introduced several key features to bolster cloud performance, security and reliability:

• API Worker Number Configuration: This allows you to optimize API performance by customizing the number of workers dedicated to processing API requests in parallel. By tailoring this setting, you can ensure that your system handles workloads efficiently, improving overall responsiveness.
• Keep Alive Flag: Designed to enhance cloud connectivity, this feature ensures that connections remain stable and robust, minimizing interruptions and maintaining seamless data flow across your cloud deployments.
• Container images: staying up to date with libraries is not only key for security but also to make use of the latest advancements in all the python modules. All DSDL containers have been rebuilt and are available open-source on GitHub, so you can tailor your images to your specific project needs.

These improvements are integral to ensuring your DSDL deployments are both robust and efficient, providing a solid foundation for your data operations.

Expanding Horizons for Data Scientists

New Integrations and Open Source Contributions

The integration of a Graph Database like Neo4j or Dgraph introduces exciting possibilities for network analysis within your Splunk environment. With an accompanying example notebook, data scientists can explore complex relationships and patterns, leveraging graph databases to uncover insights that were previously difficult to access. In the same way Agentic AI and LLMs can benefit from knowledge graphs that can be retrieved from Splunk and other data sources.

The screenshot above shows how any data retrieved from an SPL search can be programmatically transformed into a graph or queried for analytical results. This information can be reused in downstream SPL processing to generate alerts, visualize findings or trigger automations. 

Additionally, the open sourcing of the DGA Deep Learning Model invites the research community to experiment and innovate. By providing access to this model, we aim to foster collaboration and advancement in the field, supporting new research initiatives.

Updates and Deprecations

• Dashboard and Notebook Updates: Stay at the forefront of visualization and analytics tools with updated dashboards and notebooks. These enhancements ensure that your workflows are both effective and cutting-edge.
• Neural Network Designer Deprecation: As the underlying TensorFlow module “feature_columns” is deprecated, the neural network designer is phased out. Users relying on this feature should explore alternative solutions to continue their neural network projects. We have introduced a more lightweight PyTorch version of a “neural network lab” that walks users through “5 easy steps” to explore and design a simple neural network, which will be showcased at .conf in the interactive workshop BYO-AI: Leveraging Custom AI in Splunk. The screenshot below shows a part of the new dashboard.

.conf25 - Get ready to win in the agentic AI era!

Get ready for .conf25, where we’ll delve into the latest AI, agentic and machine learning advancements:

• Learn more how to use DSDL in hands-on labs: Engage in a hands-on session that offers deep dives into neural network development and ONNX integration. These workshops are designed to enhance your skills and understanding, providing practical insights into the latest technologies. Check out these sessions:
  • DEV1938 - AI Exploration: MLTK, DSDL App, and AI Assistant in Splunk
  • PLA1187 - BYO-AI: Leveraging Custom AI in Splunk

• Agentic AI Evolution: Discover new tools and agentic AI approaches designed for AI-driven investigations, debuting at .conf25. This codebase represents a cutting edge prototype of an AI application, offering powerful capabilities for data analysis and interpretation. Check out sessions:
  • PLA1405 - Building AI Agents with Splunk MCP Server
  • PLA1347 - AI That Speaks Your Business: Make AI Agents to Understand Your Data, Business Context, and Deliver Actionable Insights Visually
  • SEC1306 - AI Investigator: Agentic AI for Tailored Investigations in Your Language

Join us at .conf25 to explore these and many more exciting sessions and connect with industry leaders, innovators and of course your Splunk community. I want to express my gratitude to the community and Splunk colleagues whose invaluable contributions have shaped this release. Thanks for all your invaluable contributions in this release: Huaibo, Lukas, Johans, Kelcie, Jay, Gleb, Kumar, Patrick, Jonathan and Briana! Keep up your passion and spirit of innovation.

See you in Boston,
Philipp