Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Outlier detection

Nils
New Member
‎04-15-2021 01:47 AM

Hi! 

I have a data set consisting of a csv-file with three columns with numerical data.

I have performed my own implementation that clusters the data set with K-means and then calculates outliers based on euclidean distance between data points and the cluster centroids. 

I wan't to perform the same kind of operation in Splunk but have not been successfull so far. 

I have tried local outlier factor, with the following query in search: 

source="dataset.csv" | fit LocalOutlierFactor 0,1,2 | search isOutlier="1.0"

However, the result from this search is very poor since very few outliers are detected. The data set is labeled making it easy to see correctly classified outliers. 

I have also tried with "Detect numeric outliers" from the machine learning toolkit but there, I can only chose one field to analyze and I have three fields. 

 

Is there an optimal solution to the problem of finding outliers in this type of dataset? 

 

Thanks in advance!

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to February Tech Talks, Office Hours, and Webinars!

💌 Keep the new year’s momentum going with our February lineup of Community Office Hours, Tech Talks, ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Incident Response: Reduce Incident Recurrence with Automated Ticket Creation

Culture extends beyond work experience and coffee roast preferences on software engineering teams. Team ...