using splunk machine learning toolkit

sabaKhadivi · ‎02-17-2019

to use splunk machine learning toolkit app , do I have to define our network related lookups and put them in showcases algorithms? and replace our custom lookups instead of predefinde mlkt lookups?

skoelpin · ‎02-17-2019

So you're asking if you want to do the same use cases as the showcase examples, if you can just add your own lookups and do the same? If so, then yeah you could do that, but it would be better to do it with the indexed data rather than lookups.

Also, it sounds like you're trying to find a solution to a problem you don't know you have. You'll have more success if you define a problem then find a solution in the MLTK

sabaKhadivi · ‎02-17-2019

so how can I define my problem into the MLTK?

sabaKhadivi · ‎02-17-2019

I mean how can I create my own showcase?

skoelpin · ‎02-17-2019

You wouldn't create a showcase, you will create an experiment. Go to the Experiments tab and select which type of use case this will be (i.e. predict a numeric value or category) and name your experiment. Then create a search or lookup table and build a model just like you did in the showcase

skoelpin · ‎02-22-2019

@sabaKhadivi did this answer your question? If so, can you accept?

using splunk machine learning toolkit

.conf24 | Day 0

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

Troubleshooting the OpenTelemetry Collector