It needs seven days of historical data for that detection to be statistically sound. IT Service Intelligence uses machine learning for anomaly detection, adaptive thresholding and KPI management. For both tools, you can also create your own custom analytics. User Behavior Analytics uses those machine learning techniques for behavior baselining and modeling, anomaly detections (for which it has more than 30 models) and advanced threat detection.
Splunk uses three machine learning techniques: clustering, which takes a lot of data and puts it into groups; classification, which produces a prediction; and regression, which uses historical values to come up with predictions about the future.
“Machine learning can help detect, predict and prevent what matters most to an organization,” Sainani told The New Stack. “ITSI is focused on key performance indicators, while UBA is focused on raw events and their sequences.” “Both ITSI and UBA have machine learning models that are used to surface anomalies,” explains Splunk principal product manager for machine learning Manish Sainani. Splunk ITSI is already an ML-driven tool to help you find the root cause of problems and fix them faster; it gets new ML models to spot unusual events that could mean there’s a security or system problem. Splunk ES and UBA are predictive analytics tools, and they will now learn what the baseline of normal behavior for your systems looks like, so you’re not so swamped by alerts when everything is running smoothly that you miss the warnings for serious problems.
Splunk Cloud and Enterprise 6.5 get a new interface to help you build your own machine learning (ML) models, along with ML tools to predict maintenance windows and help you forecast demand and react to changes by building models based on your own traffic and customers. The next versions of Splunk Enterprise, Splunk IT Service Intelligence (ITSI), Splunk Enterprise Security (ES) and Splunk User Behavior Analytics (UBA) will include custom machine learning-based predictive analytics, in both the on-premises and cloud versions. IT analytics company Splunk is doubling down on machine learning.