Dear Team,

I understand we are using Kalman filters in predict command. I am comparing our existing Kalman implementation in python code (uses filterpy) to Splunk. Interestingly kalman means (predictions) are similar in Splunk and Python but confidence interval are way apart. Your help is really appreciated. This is a roadblock for us to move entirely to Splunk.

My Splunk query:
|inputlookup sample_predict_data.csv
|fields _time,Response_Time
|eval _time=strptime(_time, "%Y-%m-%dT%H:%M:%S.%3N%:z")
|convert num(_span)
|fields _time,Response_Time
|timechart span=5m avg(Response_Time) as "Response_Time"
|predict "Response_Time" future_timespan=4 period=96 algorithm=LL

Sample_predict_data.csv:
Itr
0 59.040042
1 66.725715
2 40.399476
3 52.249948
4 48.609610
5 40.946166
6 52.468450
7 61.404242
8 35.637950
9 59.458336
10 40.836213

Sample output from Splunk:
_time Response_Time upper95(prediction(Response_Time))
1 2019-04-11 02:30:00-05:00 66.725715 73.969822
2 2019-04-11 02:35:00-05:00 40.399476 63.764238
3 2019-04-11 02:40:00-05:00 52.249948 63.185333
4 2019-04-11 02:45:00-05:00 48.609610 61.507178
5 2019-04-11 02:50:00-05:00 40.946166 57.659094
6 2019-04-11 02:55:00-05:00 52.468450 59.473529
7 2019-04-11 03:00:00-05:00 61.404242 63.887708
8 2019-04-11 03:05:00-05:00 35.637950 57.279082
9 2019-04-11 03:10:00-05:00 59.458336 61.778312

Sample Output from Python
Prediction . PythonUpperBound

59.083758 64.242979
52.332217 49.047618
53.685847 48.838873
53.086523 47.206724
48.965072 42.431759
51.753461 46.112887
54.099557 53.597780
52.231218 45.280999
50.658427 51.773081