Machine Learning Toolkit

Tap into actionable insights with artificial intelligence powered by machine learning

AI and machine learning in your organization

Product Capabilities

The new era in data analysis is now. It's time to move at machine speed with Splunk.

Guided Assistants and Showcases

Guided model building, testing and deployment for common objectives, as well as interactive examples for typical use cases, make for fast ramp up and time to value.

Search Processing Language (SPL) Integration

Use machine learning SPL commands like fit and apply to directly build, test and operationalize models. Use any of the pre-packaged Python algorithms or import and use any of the 300+ open source Python algorithms from the Splunk Python for Scientific Computing Add-on.

Actionable Intelligence

Implement the best practices outlined in the MLTK to operationalize the machine learning process of collecting and analyzing data, training data models, and continuous monitoring.

See What the MLTK Can Do For You

Machine Learning Example and Tutorial

Step through interactive examples and tutorials that make it simple to build your own predictive analytics.

Predict Numeric and Categorical Fields

Predict the value of numeric or categorical fields and apply these predictions to find anomalies.


Detect Numeric and Categorical Outliers

Discover values that differ significantly from previous ones and find events that contain unusual value combinations.


Cluster Numeric Events

Partition events with multiple numeric fields into groups of events based on the value of those fields—all without knowing groupings in advance.


Time Series Forecasting

Add an explicit order dependence between values and events. Make models that fit historical data and use them to predict future events that could impact your organization.


Machine Learning Customer Advisory Program FAQs

The Machine Learning Customer Advisory Program provides customers with Splunk data science resources in support of a specific project or use case, to get them started with a running production model. As a participant in the MLTK advisory program, you will get:

  • Early access to new and enhanced MLTK features
  • The opportunity to shape the development of the product
  • Splunk's assistance in upgrading existing instances of MLTK and/or installing new ones
  • Promotion of your brand through Splunk's marketing efforts


Yes! We've worked with companies like Telus, Zillow and TransUnion to help them implement the MLTK and get benefits from it.

In exchange for complimentary advisory services on MLTK, the user agrees to provide early product feedback to the Splunk ML product team, as well as to serve as a public reference on how they have gotten value from using the MLTK. The user must also agree to load the data required for participation into their Splunk instance. While this advisory program has helped numerous customers to be successful with machine learning, note that it is not an offer for data science consulting, nor is it a replacement for professional services engagements.

Good question. While we'd love to accommodate all customers, we want to ensure you will be successful with this program. We've identified some common criteria which helps to ensure this will be a valuable experience for you.

  • You should be an existing Splunk customer, running Splunk Enterprise 6.5 or more recent.
  • You run the latest version of the MLTK or at least the MLTK3.1 Release (requires Splunk Enterprise 6.5 & PSC 1.2).
  • YYou agree to install beta versions as provided by the Splunk team with additional new feature capabilities (in non-production environments).
  • You are committed to putting a ML model built using MLTK into production.
  • You support and participate in regular communications with the Splunk ML team.
  • You should have internal data science resources/expertise at your organization. This is someone who is very comfortable working with your organization's data and has a basic understanding of data science and the value ML would bring to your organization. The on-staff data scientist at your organization will be paired with a Splunk data scientist who will help you build an ML solution/workflow.
  • You are willing to be a public reference for marketing purposes, which may include:
    • Contributing to the development of your success story which would get published as a case study, video, press quote, etc.
    • Speaking with media or industry analysts or other Splunk customers.
    • Speaking at events such as Splunk's user conference, SplunkLive events and partner events.
    • Engagement via social media.

This is a very involved program and will require at least 3-4 WebEx meetings that are typically 1-2 hours long where we’ll work through requirements, gathering and understanding the use case and data and assisting in building out the solution. There is very limited capacity in the program so not all submissions will result in an approval. Remote access is our preferred method of engagement. Onsite workshops are a possibility but we want to minimize Splunk travel. We will try to accomplish as much as we can via remote meetings. The final goal is to deploy the model in production.

Talk to your Splunk account team and SE. They will work with you to fill out the Machine Learning Advisory Program SOW and submit it for a pre-qualification decision.

You can still leverage the power of ML at your organization, even if the ML Customer Advisory Program is not the right fit for you.

We offer a Splunk for Analytics and Data Science three day virtual course that covers how to implement analytics and data science projects using Splunk's statistics and machine learning, so that you can create custom models and put them into production.

Splunk also has solutions that offer embedded machine learning and do not require data science expertise.  

Splunk IT Service Intelligence applies AI powered by machine learning to event management and service monitoring so that customers can cut through noisy alerts to identify and resolve real issues, as well as derive actionable insights and collaborate with the business.

Splunk User Behavior Analytics employs a behavior-centric, purpose-built and configurable machine learning framework that leverages unsupervised algorithms to find unknown threats and anomalous behavior across users, endpoint devices and applications.