All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

What is Best Practice for streamed apply of MLTK models after removal of streaming_apply?

ljvc
Loves-to-Learn
‎01-25-2023 02:04 AM

Hello Splunk Community!

In MLTK version 5.3.1, the streaming_apply feature was removed due to bundle replication performance issues. However, I am currently facing a problem where executing a continuously updated model in a distributed fashion across all available search peers in our Splunk Enterprise setup would be highly beneficial.

As information on this former functionality appears sparse, I wanted to inquire regarding best way to handle automatically replicating the trained model to the search peers and executing it there, if it is at all still possible.

A previous question asked here (How to export/import/share ML models between Splunk instances and external system? ) hinted at manually copying the model files into the target lookup folder as an alternative to using streaming_apply. With daily updates to the model, this is sadly not an option in our deployment.

Thanks for your help!

Best regards

LJ

Labels (1)
Labels
Tags (2)
0 Karma
Reply
Get Updates on the Splunk Community!

Unify Your SecOps with Splunk Mission Control

In today’s post, I'm excited to share some recent Splunk Mission Control innovations. With Splunk Mission ...

Data Preparation Made Easy: SPL2 for Edge Processor

By now, you may have heard the exciting news that Edge Processor, the easy-to-use Splunk data preparation tool ...

Introducing Edge Processor: Next Gen Data Transformation

We get it - not only can it take a lot of time, money and resources to get data into Splunk, but it also takes ...