Splunk has announced Splunk AI, an AI-powered offerings to enhance its unified security and observability platform. Splunk AI combines automation with human-in-the-loop experiences, so organizations can drive faster detection, investigation, and response while controlling how AI is applied to their data.
Splunk continues to enrich the customer experience by delivering domain-specific insights through its AI capabilities for security and observability.
Splunk AI strengthens human decision-making and threat response through assistive experiences. The offerings empower SecOps, ITOps, and engineering teams to automatically mine data, detect anomalies, and prioritize critical decisions through intelligent assessment of risk, helping to minimize repetitive processes and human error.
Splunk AI optimizes domain-specific large language models and ML algorithms built on security and observability data, so SecOps, ITOps, and engineering teams are freed up for more strategic work – helping to accelerate productivity and lower costs.
Splunk AI Assistant leverages generative AI to provide an interactive chat experience and helps users author Splunk Processing Language (SPL) using natural language. The app preview fosters an immersive experience where users can ask the AI chatbot to write or explain customized SPL queries to increase their Splunk knowledge.
New AIOps capabilities
The embedded AI offerings, highlighted below, enable organizations to drive more accurate alerting to build digital resilience:
- Splunk App for Anomaly Detection provides SecOps, ITOps and engineering teams with a streamlined end-to-end operational workflow to simplify and automate anomaly detection within their environment.
- The IT Service Intelligence 4.17 features greater detection accuracy and faster time-to-value: ○ Outlier Exclusion for Adaptive Thresholding detects and omits abnormal data points or outliers for more precise dynamic thresholds to drive accurate detection within one’s technology environment.
- The new ML-Assisted Thresholding preview uses historical data and patterns to create dynamic thresholds with just one click, helping to provide more accurate alerting on the health of an organization’s technology environment.
Anomaly detection through automation
The ML-powered foundational offerings provide organizations access to large, richer sets of information by extending solutions built on the Splunk platform, so they can drive data-driven decisions:
- The Splunk Machine Learning Toolkit (MLTK) 5.4 provides guided access to ML technology to users of all levels. The new release builds on the open, extensible nature of Splunk AI by enabling customers to bring their externally trained models into Splunk.
- Now available on Splunkbase, Splunk App for Data Science and Deep Learning (DSDL) 5.1 extends MLTK to provide access to additional data science tools to integrate advanced custom machine learning and deep learning systems with Splunk. This release includes two AI assistants that allow customers to leverage LLMs to build and train models with their domain specific data to support natural language processing.
Splunk Threat Research Team has added 6 ML-powered detections to Splunk Enterprise Security through the Splunk Enterprise Security Content Updates (ESCU) to help security practitioners address ongoing time-sensitive security threats and attack methods.
