Sep 26 2017
Data Analytics

Splunk .Conf2017: Splunk Enhances Machine Learning Tools To Boost Insights

The advancements will help organizations better monitor, investigate and take actions based on the data they collect, Splunk says.

In a world in which data volumes are increasing, and businesses are struggling to turn that data into insights that help customers and the bottom line, it can seem difficult to keep up. Splunk, which specializes in analyzing machine-generated data, wants to leverage the power of artificial intelligence to help businesses get a better handle on their data.

At the company’s .conf2017 event in Washington, D.C., Splunk unveiled expansions of the machine learning capabilities across its entire product platform. The company hopes that the new enhancements will make it easier for organizations to take advantage of the data they collect from customers and their IT systems, especially as the Internet of Things expands. Indeed, according to Gartner, there will be 8.4 billion connected devices in use in 2017 (up 31 percent from 2016), and 3.1 billion will be used by businesses.

Machine learning — a subset of artificial intelligence that uses algorithms to detect patterns, predict outcomes and potentially operate autonomously — is a big industry buzzword. However, Splunk thinks its new offerings can help businesses actually make use of it.

“Why don’t we see it everywhere? Why is it mainly hype right now?” Richard Campione, chief product officer at Splunk, said of machine learning during the opening keynote on Tuesday. “It’s because it’s difficult to do in practice. And this is the challenge that we are taking on.”

In some cases, Splunk is allowing companies to build their own custom applications using machine learning on top of its data platform, as TechCrunch reports. In other cases, companies can use automated tools to take advantage of the technology.

SIGN UP: Get more news from the BizTech newsletter in your inbox every two weeks!

Splunk Updates Platforms with Machine Learning

Splunk made updates to several platforms: Splunk Enterprise, IT Service Intelligence (ITSI), Enterprise Security (ES) and User Behavior Analytics (UBA) for both cloud and on-premises deployments.

The company’s data-mining algorithms help businesses monitor security incidents and alert IT staff, predict events for operations and maintenance, and optimize inventorying and analysis of historical data, as ZDNet notes.

The Splunk Enterprise 7.0 and Splunk Cloud platforms help businesses monitor, investigate and gain intelligence with their data. Now, the company is adding support for metrics, which it says accelerates monitoring and alerting twenty fold or more.

What Splunk means by “metrics” is that data monitoring can now be overlaid onto events. For example, if IT or security operations center staff could see that available computing power dropped when a USB stick was inserted into a monitored laptop, they could assess if ransomware or some other form of malware was deployed. Or, companies could correlate the deployment of new software code with application performance metrics.

Customers can use the Splunk platform to predict future IT, security and business outcomes through integrated machine learning techniques using powerful, extensible algorithms, the company argues. Those tools can then let IT staff members collect, prepare, transform, explore, visualize and publish data insights.

Customized or Automated Machine Learning

Campione noted that the most difficult part of making machine learning practical is “wrangling the data” so that it can be analyzed and so algorithms can be trained to find patterns based on that data. Splunk pulls together data from all kinds of sources, whether that is apps, servers, application programming interfaces (APIs) or from the web.

Splunk gives IT teams at least two main ways to take advantage of machine learning tools. The Machine Learning Toolkit, which is free to any customer, allows companies to build machine learning–based apps. The toolkit now has a machine learning management component to integrate user permissions directly from Splunk into customized machine learning apps. It now also includes APIs for open-source and proprietary algorithms.

Further, Splunk added a module to help customers prepare and clean their data before they start machine learning modeling. That will make it easier for businesses to use machine learning and save them time and money, Campione said.

If customers want a more automated experience, the company has Splunk ITSI 3.0, which it says combines service context with machine learning to help identify existing and potential issues, and then prioritize the restoration of business-critical services. Splunk ITSI 3.0 employs machine learning to determine which business functions are most important. Designed to reduce “alert fatigue,” it only sends IT teams the most critical issues.

Just_Super/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.