Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Outlier detection

Nils
New Member
‎04-15-2021 01:47 AM

Hi! 

I have a data set consisting of a csv-file with three columns with numerical data.

I have performed my own implementation that clusters the data set with K-means and then calculates outliers based on euclidean distance between data points and the cluster centroids. 

I wan't to perform the same kind of operation in Splunk but have not been successfull so far. 

I have tried local outlier factor, with the following query in search: 

source="dataset.csv" | fit LocalOutlierFactor 0,1,2 | search isOutlier="1.0"

However, the result from this search is very poor since very few outliers are detected. The data set is labeled making it easy to see correctly classified outliers. 

I have also tried with "Detect numeric outliers" from the machine learning toolkit but there, I can only chose one field to analyze and I have three fields. 

 

Is there an optimal solution to the problem of finding outliers in this type of dataset? 

 

Thanks in advance!

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

From Idea to Implementation: Why Splunk Built mTLS into Splunk Enterprise 10.0  mTLS wasn’t just a checkbox ...