Re: Whats the difference between the machine learn...

tb5821 · ‎11-16-2018

Whats the difference between the machine learning toolkit>forecast and the predict command you can run at searchtime?

grana_splunk · ‎11-16-2018

Let me step back and start from your first question:

Predict command != Predictions
Predict command only does forecasting using different modes of Kalman filter on a single value over time
It does not create or save models
Currently you cannot do this with predict command and everytime you have to run the entire search to do the forecasting

tb5821 · ‎11-16-2018

Predictions seem to be one thing, I was kinda hoping the machine learning part of Splunk actually learns over time as the predict command just seems to predict based on past events.

Would be nice to see what Splunk has learnt and what it’s adjusting based upon those learnings if it is actual machine learning with the toolkit

astein_splunk · ‎11-19-2018

https://www.youtube.com/watch?v=uE2KEQYfZE8

Might help you.

hkeswani_splunk · ‎11-16-2018

Both are based on Kalman Filter algorithms but the Machine Learning Toolkit has an additional algorithm called ARIMA and MLTK forecast also has a UI interface to show the predicted values, its accuracy, error rate and more in the UI itself.

Whats the difference between the machine learning toolkit>forecast and the predict command you can run at searchtime?

Introducing the 2024 SplunkTrust!

Introducing the 2024 Splunk MVPs!

Splunk Custom Visualizations App End of Life