Splunk IT Service Intelligence
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk Anamoly detection for ODC Logs

maheswar6523
New Member
‎07-19-2018 03:24 AM

Hello Splunk team and community,

I am working with the Splunk Machine Learning (ML) toolkit to detect anomalies in Oracle logs. Particularly, I have logs in Splunk that
contains both error and unerrored data, Is there any way where i need to detect anomalous in the logs says if there are suddenly some
50 errors received instead of normal by analyzing the history

If anyone has any ideas, tips, or guidance, I will be very grateful!

Thanks
Uma

Tags (1)
0 Karma
Reply

skoelpin
SplunkTrust
SplunkTrust
‎07-19-2018 06:16 AM

Lots of people are going to recommend the out of the box anomaly detection in the MLTK to solve this.. While they are not wrong, this will lead to LOTS of Type 1 and Type 2 errors.

Check out my answer here on how to build out an anomaly detection framework in SPL

https://answers.splunk.com/answers/590464/how-you-detect-an-anomaly-from-a-time-frame-the-pr.html#an...

0 Karma
Reply
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...