Splunk Expands Machine Learning Features of Its Data Analysis Platform

Splunk expands the machine learning capabilities and security features, including ransomware prevention, of its big data analytics platform in Enterprise 7.0.

Splunk made several improvements to its data monitoring and data analytics product line that offer new machine learning capabilities, anti-fraud and cloud monitoring features.

The improvements are included in Splunk Enterprise 7.0, Splunk IT Service Intelligence (ITSI) 3.0, Splunk User Behavior Analytics (UBA) 4.0 and updates to Splunk Cloud.

The updates in both Splunk Enterprise 7.0 and Splunk Cloud are designed to give customers improved tools to monitor, investigate and gain intelligence from their business data.

For example, Enterprise 7.0 now accelerates monitoring and alerting by at least 20 times, and enhancements to its core search technology deliver a speed improvement of 3 times the previous performance.

An important benefit of these enhancements is that, when combined with the platform's data analytics capabilities, customers can use Splunk Enterprise's enhanced machine learning capabilities to gain insights into current operations and predict future IT, security and business outcomes.

“You may have tens or hundreds of thousands of things you want to monitor in the cloud and now we alert you 20 times faster,” Jon Rooney, head of product marketing at Splunk, told eWEEK. Improved event monitoring is a top feature in Splunk IT Service Intelligence (ITSI) 3.0, which uses machine learning to help identify current and potential system performance issues. The company said it also makes use of machine learning to limit “alert fatigue” by surfacing only the most critical information.

On the security front, the new Splunk Insights for Ransomware gives organizations real-time information to make proactive assessments of potential ransomware threats.

Another new offering, Splunk Security Essentials for Fraud Detection, is a free Splunk app that guides customers on how to use Splunk to identify and investigate different types of fraud, including healthcare, payment card and transactional fraud.


Also for the first time, Splunk is offering an SDK for User Behavior Analytics. Customers can now use UBA 4.0 to create and load their own machine learning models to identify anomalies and threats unique to their environments.


Splunk is continuing its machine learning investments in two areas, said Rooney. “One is essentially baking it into our products and solutions so the non-data scientist can get value and be productive. The other is with bare metal machine learning for folks who want to extend the platform with their own algorithms.”

Rooney said most UBA products have essentially been a “black box” that’s not extensible.

“Customers have said they want to fine tune the algorithms. So we’re allowing them to do that with an SDK” that lets them define the algorithms to best suit their needs, he said.

IT analyst Charles King said Splunk's new tools and product updates have two essential goals:

The first is to “broaden the company's reach into new use cases and markets via its substantial expertise in machine learning, advanced analytics and related technologies. And secondly, to tame the complexities of machine learning and open those solutions to new users, including people with little if any training in data science,” King, principal analyst at Pund-IT, said in an email.

Splunk is hoping the new offerings appeal to new and current customers such as office products supplier Staples. “Splunk analytics and metrics are helping us optimize every aspect of what we do, including quickly identifying and correcting irregular transactions so customers receive the best possible service. The Splunk Enterprise platform is a critical piece of our business operations foundation,” said Faisal Masud, chief technology officer at Staples, in a release.

Splunk is also being more open about research and products in development that may not ever be commercially released. Rooney said the new Splunk Projects lets customers sign up for beta releases of services the company is developing and testing.

“We are sensitive to partners in big environments where an upgrade is not trivial,” said Rooney. “The notion of Projects is to avoid the big monster release. We want to figure out what problem we’re trying to solve and get stuff out there when it’s ready to be tested.”

Splunk was scheduled to make its product announcements Sept. 26 at .conf2017, the company’s annual customer and partner conference in Washington, D.C.

David Needle

Based in Silicon Valley, veteran technology reporter David Needle covers mobile, big data, and social media among other topics. He was formerly News Editor at Infoworld, Editor of Computer Currents...