Machine Learning

The next big thing in big data
Machine learning has the potential to radically transform our daily lives. Whether you are trying to predict how likely someone is to purchase a product, or determine when a cellular network will go down, machine learning can deliver predictive analytics based on the patterns seen in machine data.
Predictive analytics can be used across organizations to optimize IT operations, security, and business processes and to detect and anticipate incidents, reduce resolution times and prevent undesired outcomes.

Big Data Is Fueling the Machine Learning Trend

Machine learning relies on a broad data collection strategy across data stores, cloud and hybrid environments. When you enrich machine data with structured business data and apply machine learning to it, you gain the power to predict and respond to business events in real time.
Over 60% of data scientists’ time is spent on prepping data for advanced analytics. With Splunk, the data scientist on your team can focus on delivering insights.
Your IT director, who is stretched for time, can leverage packaged machine learning to quickly identify the root cause of service disruptions using Splunk IT Service Intelligence.
Your security expert can catch insider threats because Splunk User Behavior Analytics has built-in machine learning models based on our expertise in security event monitoring and analysis.
As you start to move beyond data aggregation, search and visualization to demand more sophisticated insights, machine learning is becoming the new touchstone for automated, predictive analysis. The Splunk Platform supports this entire journey.

Packaged Machine Learning With Splunk

Splunk uses machine learning techniques to identify anomalies and patterns that can speed investigations and intelligence discovery. This pre-built, use-case specific type of machine learning helps spot trends and outliers and can remove the “noise” generated by the massive number of events in your data. Splunk seamlessly delivers the power of machine learning through advanced analytics in its premium solutions.

Splunk IT Service Intelligence advanced analytics include:

 
Anomaly Detection: Baseline normal operational patterns and use statistical measurements to determine threshold variability patterns
Adaptive Thresholding: Dynamically adapt thresholds to changing behavior and highlight anomalous activity
Event Analytics: Combine event data with advanced analytics to reduce event clutter, false positives and extensive rules maintenance

Splunk User Behavior Analytics includes pre-packaged, unsupervised machine learning for:

 
Threat Detection: Support automated detection of insider threats and external attacks
Anomaly Detection: Help identify deviations across multiple entities (users, devices and applications) by comparing them against an entity's baseline and its dynamically generated peer groups
Advanced Visualization: Provide visualization of statistical aggregates across multiple entities along with enriched kill-chain visualization of a threat vector

Custom Machine Learning With Splunk

To create custom models that can handle any use case, Splunk provides the Machine Learning Toolkit, a guided workbench where you can create, test and deploy flexible models. The Splunk Platform includes over 25 commonly used machine learning algorithms that can be applied directly to your data for detection, alerting or analysis, all without ever leaving the Splunk Platform.
Modeling Assistants: Guide model building, validation and deployment
Showcases: Provide interactive examples for typical IT, security, business process and IoT use cases
Open Source Python Library: Build models using any of the 300+ algorithms accessible through the ML Toolkit

Modeling Use Cases With Splunk

A key value of creating models in Splunk is that you can seamlessly apply them to real-time machine data in your organization. With Splunk, machine learning can be used to create models for a variety of common use cases.
Focused Investigation: Automatically detect anomalies and patterns in data to help investigators identify and resolve incidents.
Intelligent Alerting: Identify normal data patterns in varying levels of detail in order to alert only on abnormal conditions for a specific set of circumstances.
Predictive Actions: Identify patterns of activity to anticipate and react to circumstances that might otherwise disrupt operations or revenues such as unplanned downtime.
Business Optimization: Apply ML analysis to historical data and models to forecast demand, manage inventory, optimize operations and react to changing conditions.
Zillow uses custom outlier detection to quickly identify server pools that are causing outages due to frequent code and configuration changes.

Splunk machine learning helps us rapidly improve end-user experience by ranking issue severity. We can determine root causes faster, reduce MTTR and improve SLAs.

The Next Big Thing in Big Data

The Splunk Platform already has a built-in enterprise machine data fabric that can be used for real-time Operational Intelligence. Machine learning extends the Splunk Platform by adding outlier and anomaly detection, adaptive thresholding and predictive analytics capabilities using packaged or custom algorithms to build data models that forecast future events. As a core capability of the Splunk Platform, machine learning lets you operationalize your machine data.

Learn how Splunk brings machine learning into the machine data analytics fold in a new report from 451 Research.