Running a prediction and anomaly detection in para...

Splunk Search

I want to build a query that can do the following.

a. Monitor about 10-15 metrics from the different kinds of system/application logs
b. Identify anomalies in these metrics, and if any anomaly is identified in one of the metrics, then run them through a if else loop to check if similar kind of metrics also had an anomaly.
c. if similar metrics had an anomaly, then use the predict command to predict values for the next x mins and identify if they are breaching the SLA's
d. If they are breaching then send out an alert.

We have been able to come till point C. but we are unable to predict values for multiple metrics at same time in parallel and check if they are breaching the SLA.

Does it need an external code or can it be done via Splunk?

Please advise.

*NEW* Splunk Love Promo!
Snag a $25 Visa Gift Card for Giving Your Review!

It's another Splunk Love Special! For a limited time, you can review one of our select Splunk products through Gartner Peer Insights and receive a $25 Visa gift card!

Review:
SOAR (f.k.a. Phantom) >>
Enterprise Security >>
Splunk Enterprise or Cloud for Security >>
Observability >>

Or Learn More in Our Blog >>

Running a prediction and anomaly detection in parallel