All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk ML toolkit export Predictive models and Realtime scoring

thomas13t
Engager
‎03-12-2018 04:59 AM

Hello, I have a couple of questions regarding Splunk ML toolkit:

  1. Can I export Predictive models / algorithms from Splunk? If so what are the available exports: can it be code in python? can it be in R?

  2. The algorithms will need to run on (near)realtime data flows, can Splunk handle real time Predictive scoring? A scoring engine, something like SAS ESP (event stream processing), that can deployed separately form the Splunk instance?

Thx
Thomas

Reply
1 Solution
Solved! Jump to solution
Solution

skoelpin
SplunkTrust
SplunkTrust
‎03-12-2018 07:28 AM

Hello,

1) Splunk uses the Python Scientific Compute add-on for its algorithms, so no, you cant export it, but you can use the Python based scientific compute kit

https://docs.splunk.com/Documentation/MLApp/3.1.0/User/Installandconfigure

2) It depends on a lot of things. How you set up your models, your hardware, your sample size, how many independent variables you have etc.. It's possible, but it depends

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

skoelpin
SplunkTrust
SplunkTrust
‎03-12-2018 07:28 AM

Hello,

1) Splunk uses the Python Scientific Compute add-on for its algorithms, so no, you cant export it, but you can use the Python based scientific compute kit

https://docs.splunk.com/Documentation/MLApp/3.1.0/User/Installandconfigure

2) It depends on a lot of things. How you set up your models, your hardware, your sample size, how many independent variables you have etc.. It's possible, but it depends

0 Karma
Reply
Solved! Jump to solution

thomas13t
Engager
‎03-13-2018 08:43 AM

Ok Thank you,

So if I understood correctly it could be theoretical possible to decouple the analytic part (creation, test, and validation of predictive models) from a "scoring" engine where the models are deployed, the needed flow (and eventual extra KPis are calculated) are present?

Or with your 2 answer you are implying that the splunk instance will be called via API everytime a resource needs a scoring and reply with the correct score?

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Watch On Demand the Tech Talk on November 6 at 11AM PT, and empower your SOC to reach new heights! Duration: ...

Splunk Observability as Code: From Zero to Dashboard

For the details on what Self-Service Observability and Observability as Code is, we have some awesome content ...