SPL that will call a script and use indexed data a...

teddyidc1101 · ‎04-21-2019

The requirement is to do forecasting on indexed data. A python script will be developed and use in Splunk to use the indexed data for forecasting. Is this possible? if yes, how?

Thanks!

niketn · ‎04-22-2019

@teddyidc1101 if you are using scikit-learn, pandas, statsmodel, numpy, or scipy libraries as forecasting algorithm you should check out Splunk Machine Learning Toolkit (MLTK) and if any of currently supported ML libraries are not already present in MLTK you can extend and import your own algorithm using ML SPL API

Also refer to State Space Forecast algorithm introduced in 4.2 which allows you to fit and apply learnt model for time series forecasting: https://docs.splunk.com/Documentation/MLApp/latest/User/Algorithms#StateSpaceForecast

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

riddhichandaran · ‎04-21-2019

Yes it is possible you can create custom command and pass indexed data as a parameter

Reference:
http://dev.splunk.com/view/python-sdk/SP-CAAAEU2

SPL that will call a script and use indexed data as input

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

Join the Conversation