Feature Detail

Machine Learning

The New Era in Data Analysis

Machine learning is bringing data analysis into a new era, allowing companies to use predictive analytics that continually “learn” from historical data. These analytics can optimize IT, security and business operations—helping to detect incidents, reduce resolution times, and predict and prevent undesired outcomes.

The Splunk platform makes it easy for you to harness the power of machine learning by offering a rich set of machine learning commands and a guided workbench to create custom models for any use case.

Interested in machine learning that’s purpose-built for specific uses? Splunk Premium Solutions for IT Service Intelligence and User Behavior Analytics provide turnkey, out-of-the-box analytics dedicated to managing IT services and security.

Machine Learning and Analytics Commands

The Splunk platform offers over 20 machine learning commands that can be applied directly to your data for detection, alerting or analysis. Commands such as outlier, predict, cluster and correlate utilize fixed algorithms, while others such as anomalydetection allow you to choose between several algorithms to best fit your needs.

Want more flexibility? With the Splunk Machine Learning Toolkit, you get access to additional commands and open source algorithms to create custom models for any use case.

Custom Models with the Splunk Machine Learning Toolkit

The Splunk Machine Learning Toolkit provides a guided workbench, interactive examples and SPL extensions to help you create and operationalize custom machine learning models. You can base your models on over 300 open source Python algorithms from the sci-kit learn, pandas, statsmodel, numpy and scipy libraries available via the Splunk Python for Scientific Computing Add-on. Visit Splunkbase to download.

Showcase Examples

Walk through interactive examples of model creation organized by common use cases for IT, security, IoT and business analytics. Examples include predicting disk failures, finding outliers in response time, predicting VPN usage and forecasting internet traffic. 


Assistants let you choose among over 25 pre-packaged algorithms that provide a breadth of ML coverage, and then guide you through model creation, testing and deployment for common objectives like forecasting values, predicting numeric or categorical fields, and detecting numeric or categorical outliers. 

Extended SPL Commands

Use machine learning SPL commands like fit and apply to directly build, test and operationalize models. You can use any one of the pre-packaged Python algorithms or easily import and use any of the 300-plus open source Python algorithms from the Splunk Python for Scientific Computing Add-on.

Operationalizing Your Models

A key value of creating machine learning models in Splunk is that you can seamlessly apply them to the real-time machine data of your organization. Whether you use the Splunk Machine Learning Toolkit assistants or prefer to work directly in SPL, the models translate to standard SPL searches that can be further customized and easily put into production to generate real-time alerts or reports and dashboards.

Customer Success

Splunk at Zillow

As a leading real estate and rental marketplace, Zillow makes thousands of code and configuration updates to their website daily. In such a fast-paced environment how do you know which errors are most likely to cause issues and should be fixed first? Watch the .conf2016 presentation to learn about Zillow’s Splunk machine learning journey, including how they proactively monitor their website and reduce downtime.

Splunk at TELUS

TELUS provides wireless services across Canada with a network of over 20,000 cell towers. Early identification and remediation of difficult-to-detect network incidents is crucial to maintaining customer satisfaction. Watch the .conf2016 presentation or review the slides to find out how TELUS uses Splunk machine learning to reduce cell tower downtime and increase service availability.

Splunk at NTT DOCOMO

As a leading telecoms provider in Japan, NTT DOCOMO provides its customers with a digital marketplace of innovative services. Maintaining account security is crucial in order to retain customer confidence. Splunk machine learning helps NTT DOCOMO find anomalies in ID authentication and detect cyberattacks. Soon after operationalizing their ML models, a widespread brute force attack was detected and thousands of accounts were protected with two-step authentication.