SlideShare une entreprise Scribd logo

SplunkLive! Frankfurt 2018 - Predictive, Proactive, and Collaborative ML with IT Service Intelligence

Télécharger en tant que PPTX, PDF
Splunk
Splunk

Presented at SplunkLive! Frankfurt 2018: What data do we need? We need Machine Learning Real Use Case Example Let's Dive Into How it Works Next Steps

Technologie
1  sur  26
Predictive, Proactive, and Collaborative ML with IT Service Intelligence Not a Science Project – Creating Actionable Events Through Analytics Philipp Drieger | Staff Sales Engineer 10 April 2018 | Frankfurt
During the course of this presentation, we may make forward-looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release. Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. ©2018 Splunk Inc. All rights reserved. Forward-Looking Statements
© 2018 SPLUNK INC. Problem Statement Operations Teams need more time between an alert and a failure that has availability impacting ramifications. The introduction of Machine Learning is a must have in order to predict these failures. These notable events must be able to be pushed and collaborated on by teams in various tools.
© 2018 SPLUNK INC. 1. What data do we need? 2. We Need Machine Learning 3. Real Use Case Example 4. Let’s Dive Into How it Works 5. Next Steps Agenda
Indicators Matter ITSI
▶ Key Performance Indicators (KPIs) • Defined metrics that are used to evaluate the overall status of the service ▶ Leading Indicators • Drivers of a result ▶ Lagging Indicators • Outcome of a result Indicators They Matter! Example Scenario DB Run Out of Space KPI Storage Value = 100% KPI User Response Time Value = 2000+ secs
KPI’s So What? Understanding Leading vs Lagging KPIs From the Service Experts is Critical Use Case Data Needed Set Business Priorities Measure the Right KPIs Drive Decisions
Data: Where to Get it I need it STAT
Where Does Data Come From? Service Intelligence Machine Data Human Data Synthetic APM Application Code Code DeploymentNetwork Change Records Server Changes Byte Code Instrumentation ML Adaptive Thresholding Server Storage Service Intelligence ApplicationLayerInfrastructureLayer
Use Splunk ITSI Provide flexible dependency service mapping for interactions at scale Leverage a platform to build out KPIs that ensure repeatability for consistency and allows aggregation and per entity KPI values Ease the burden of cleaning data What Do I Do With It Now
We Need Machine Learning Do you want to watch it or let it go?
Custom Machine Learning Success Formula Domain Expertise (IT, Security) ▶ ID Use Cases ▶ Set Business & Operations Priorities ▶ What KPIs Matter ▶ Drive Decisions Data Science Expertise ▶ Math/Stats Background ▶ Algorithm Selection ▶ Model Building ▶ Splunk ML Toolkit Splunk Expertise ▶ SPL ▶ Data Prep ▶ Operational Success
Overview of ML at Splunk CORE PLATFORM SEARCH PACKAGED PREMIUM SOLUTIONS MACHINE LEARNING TOOLKIT Platform for Machine Data
Supervised Learning Unsupervised Learning Reinforcement Learning Three Types of Machine Learning
Deviation from past behavior Deviation from peers (aka Multivariate AD or Cohesive AD) Unusual change in features ITSI MAD Anomaly Detection Predict Service Health Score Predicting churn Predicting events Trend forecasting Detecting influencing entities Early warning of failure – predictive maintenance Identify peer groups Event correlation Reduce alert noise ITSI Event Analytics Anomaly Detection Predictive Analytics Clustering Splunk Customers Have ML Problems
Splunk Machine Learning Toolkit 25+ standard algorithms available prepackaged New commands to fit, test and operationalize models EXAMPLE Algorithms Guide model building, testing and deployment for common objectives Interactive examples for 25+ use cases MLib Integration Showcase EXAMPLE EXAMPLE 300+ open source algorithms Assistants
Event Analytics BUILT IN – IT Service Intelligence Machine Learning
▶ Notable Events are key • We created a notable for Web Store Service – Called webstore_health_alert • Lets see how Splunk can cluster this with other events to show other Notable Events that are attributed ▶ Smart Mode is actually Smart • It use clustering to group events remember unsupervised ML at the beginning and spot the anomalies IT Service Intelligence Event Analytics
▶ Take 1000s or 100s of 1000s of alerts and connect them ▶ Use ML prediction to improve correlation ▶ Boil the events down to reasonable count of Actionable Events The Diamonds in the Rough Clustering Events into Actionable Alerts
Let’s Get Others Involved ChatOps - Anyone Slack?
© 2018 SPLUNK INC. ▶ Slack • Instant Message • Easy Channel Setup • Fast time to create incident working groups • Other Products just as easy HipChat, Skype etc… Slack
© 2018 SPLUNK INC. ▶ Slack Setup • Install the Alert Action https://splunkbase.splunk.com/app/2878/ • For Core Searches – Configure as alert action in Alerts • For ITSI − Enable Slack in notable_event_actions.conf • Let’s add it to our to our Policy − Configure –> Notable Event Aggregation Policy –> Create New ChatOps Splunk + Slack
Real Use Case Example Predictive Analytics in Real Time
© 2018 SPLUNK INC. 1. Splunk ITSI allows for Rapid Service, KPI, Entity creation and alerting 2. Machine Learning through MLTK provides a repeatable ability to Predict Service Health 3. Splunk ITSI for Event Analytics enables teams to cluster Notable Events together to have one Actionable Alert 4. Splunk ITSI provides extendable capabilities to provide immediate notification to Chat Groups, Ticketing system and other communication platforms to improve the Mean Time to Remediate Availability Impacting Situations 5. Read the blog: ITSI and Sophisticated Machine Learning What to Remember and Where to Go if You Fell Asleep Key Takeaways
Thank You! Don't forget to rate this session on Pony Poll https://ponypoll.com/frankfurt
Questions? Please Feel Free

Recommandé

SplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AI
SplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AISplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AI
SplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AI
Splunk
 
SplunkLive! Munich 2018: Get More From Your Machine Data Splunk & AI
SplunkLive! Munich 2018: Get More From Your Machine Data Splunk & AISplunkLive! Munich 2018: Get More From Your Machine Data Splunk & AI
SplunkLive! Munich 2018: Get More From Your Machine Data Splunk & AI
Splunk
 
SplunkLive! Frankfurt 2018 - Monitoring the End User Experience with Splunk
SplunkLive! Frankfurt 2018 - Monitoring the End User Experience with SplunkSplunkLive! Frankfurt 2018 - Monitoring the End User Experience with Splunk
SplunkLive! Frankfurt 2018 - Monitoring the End User Experience with Splunk
Splunk
 
SplunkLive! Frankfurt 2018 - Integrating Metrics & Logs
SplunkLive! Frankfurt 2018 - Integrating Metrics & LogsSplunkLive! Frankfurt 2018 - Integrating Metrics & Logs
SplunkLive! Frankfurt 2018 - Integrating Metrics & Logs
Splunk
 
SplunkLive! Munich 2018: Predictive, Proactive, and Collaborative ML with IT ...
SplunkLive! Munich 2018: Predictive, Proactive, and Collaborative ML with IT ...SplunkLive! Munich 2018: Predictive, Proactive, and Collaborative ML with IT ...
SplunkLive! Munich 2018: Predictive, Proactive, and Collaborative ML with IT ...
Splunk
 
SplunkLive! Munich 2018: Intro to Security Analytics Methods
SplunkLive! Munich 2018: Intro to Security Analytics MethodsSplunkLive! Munich 2018: Intro to Security Analytics Methods
SplunkLive! Munich 2018: Intro to Security Analytics Methods
Splunk
 
SplunkLive! Munich 2018: Monitoring the End-User Experience with Splunk
SplunkLive! Munich 2018: Monitoring the End-User Experience with SplunkSplunkLive! Munich 2018: Monitoring the End-User Experience with Splunk
SplunkLive! Munich 2018: Monitoring the End-User Experience with Splunk
Splunk
 
SplunkLive! Munich 2018: Integrating Metrics and Logs
SplunkLive! Munich 2018: Integrating Metrics and LogsSplunkLive! Munich 2018: Integrating Metrics and Logs
SplunkLive! Munich 2018: Integrating Metrics and Logs
Splunk
 

Recommandé

SplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AI
SplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AISplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AI
SplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AI
Splunk
 
SplunkLive! Munich 2018: Get More From Your Machine Data Splunk & AI
SplunkLive! Munich 2018: Get More From Your Machine Data Splunk & AISplunkLive! Munich 2018: Get More From Your Machine Data Splunk & AI
SplunkLive! Munich 2018: Get More From Your Machine Data Splunk & AI
Splunk
 
SplunkLive! Frankfurt 2018 - Monitoring the End User Experience with Splunk
SplunkLive! Frankfurt 2018 - Monitoring the End User Experience with SplunkSplunkLive! Frankfurt 2018 - Monitoring the End User Experience with Splunk
SplunkLive! Frankfurt 2018 - Monitoring the End User Experience with Splunk
Splunk
 
SplunkLive! Frankfurt 2018 - Integrating Metrics & Logs
SplunkLive! Frankfurt 2018 - Integrating Metrics & LogsSplunkLive! Frankfurt 2018 - Integrating Metrics & Logs
SplunkLive! Frankfurt 2018 - Integrating Metrics & Logs
Splunk
 
SplunkLive! Munich 2018: Predictive, Proactive, and Collaborative ML with IT ...
SplunkLive! Munich 2018: Predictive, Proactive, and Collaborative ML with IT ...SplunkLive! Munich 2018: Predictive, Proactive, and Collaborative ML with IT ...
SplunkLive! Munich 2018: Predictive, Proactive, and Collaborative ML with IT ...
Splunk
 
SplunkLive! Munich 2018: Intro to Security Analytics Methods
SplunkLive! Munich 2018: Intro to Security Analytics MethodsSplunkLive! Munich 2018: Intro to Security Analytics Methods
SplunkLive! Munich 2018: Intro to Security Analytics Methods
Splunk
 
SplunkLive! Munich 2018: Monitoring the End-User Experience with Splunk
SplunkLive! Munich 2018: Monitoring the End-User Experience with SplunkSplunkLive! Munich 2018: Monitoring the End-User Experience with Splunk
SplunkLive! Munich 2018: Monitoring the End-User Experience with Splunk
Splunk
 
SplunkLive! Munich 2018: Integrating Metrics and Logs
SplunkLive! Munich 2018: Integrating Metrics and LogsSplunkLive! Munich 2018: Integrating Metrics and Logs
SplunkLive! Munich 2018: Integrating Metrics and Logs
Splunk
 
SplunkLive! Munich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
SplunkLive! Munich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...SplunkLive! Munich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
SplunkLive! Munich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
Splunk
 
SplunkLive! Munich 2018: Data Onboarding Overview
SplunkLive! Munich 2018: Data Onboarding OverviewSplunkLive! Munich 2018: Data Onboarding Overview
SplunkLive! Munich 2018: Data Onboarding Overview
Splunk
 
SplunkLive! Frankfurt 2018 - Intro to Security Analytics Methods
SplunkLive! Frankfurt 2018 - Intro to Security Analytics MethodsSplunkLive! Frankfurt 2018 - Intro to Security Analytics Methods
SplunkLive! Frankfurt 2018 - Intro to Security Analytics Methods
Splunk
 
SplunkLive! Frankfurt 2018 - Legacy SIEM to Splunk, How to Conquer Migration ...
SplunkLive! Frankfurt 2018 - Legacy SIEM to Splunk, How to Conquer Migration ...SplunkLive! Frankfurt 2018 - Legacy SIEM to Splunk, How to Conquer Migration ...
SplunkLive! Frankfurt 2018 - Legacy SIEM to Splunk, How to Conquer Migration ...
Splunk
 
SplunkLive! Frankfurt 2018 - Use Splunk for Incident Response, Orchestration ...
SplunkLive! Frankfurt 2018 - Use Splunk for Incident Response, Orchestration ...SplunkLive! Frankfurt 2018 - Use Splunk for Incident Response, Orchestration ...
SplunkLive! Frankfurt 2018 - Use Splunk for Incident Response, Orchestration ...
Splunk
 
SplunkLive! Frankfurt 2018 - Data Onboarding Overview
SplunkLive! Frankfurt 2018 - Data Onboarding OverviewSplunkLive! Frankfurt 2018 - Data Onboarding Overview
SplunkLive! Frankfurt 2018 - Data Onboarding Overview
Splunk
 
SplunkLive! Munich 2018: Getting Started with Splunk Enterprise
SplunkLive! Munich 2018: Getting Started with Splunk EnterpriseSplunkLive! Munich 2018: Getting Started with Splunk Enterprise
SplunkLive! Munich 2018: Getting Started with Splunk Enterprise
Splunk
 
SplunkLive! Zurich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
SplunkLive! Zurich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...SplunkLive! Zurich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
SplunkLive! Zurich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
Splunk
 
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
Splunk
 
SplunkLive! Frankfurt 2018 - Getting Hands On with Splunk Enterprise
SplunkLive! Frankfurt 2018 - Getting Hands On with Splunk EnterpriseSplunkLive! Frankfurt 2018 - Getting Hands On with Splunk Enterprise
SplunkLive! Frankfurt 2018 - Getting Hands On with Splunk Enterprise
Splunk
 
SplunkLive! Zurich 2018: Monitoring the End User Experience with Splunk
SplunkLive! Zurich 2018: Monitoring the End User Experience with SplunkSplunkLive! Zurich 2018: Monitoring the End User Experience with Splunk
SplunkLive! Zurich 2018: Monitoring the End User Experience with Splunk
Splunk
 
SplunkLive! Paris 2018: Event Management Is Dead
SplunkLive! Paris 2018: Event Management Is DeadSplunkLive! Paris 2018: Event Management Is Dead
SplunkLive! Paris 2018: Event Management Is Dead
Splunk
 
SplunkLive! Zurich 2018: Event Analytics
SplunkLive! Zurich 2018: Event AnalyticsSplunkLive! Zurich 2018: Event Analytics
SplunkLive! Zurich 2018: Event Analytics
Splunk
 
SplunkLive! Zurich 2018: Get More From Your Machine Data with Splunk & AI
SplunkLive! Zurich 2018: Get More From Your Machine Data with Splunk & AISplunkLive! Zurich 2018: Get More From Your Machine Data with Splunk & AI
SplunkLive! Zurich 2018: Get More From Your Machine Data with Splunk & AI
Splunk
 
SplunkLive! Zurich 2018: Integrating Metrics and Logs
SplunkLive! Zurich 2018: Integrating Metrics and LogsSplunkLive! Zurich 2018: Integrating Metrics and Logs
SplunkLive! Zurich 2018: Integrating Metrics and Logs
Splunk
 
SplunkLive! Zurich 2018: Intro to Security Analytics Methods
SplunkLive! Zurich 2018: Intro to Security Analytics MethodsSplunkLive! Zurich 2018: Intro to Security Analytics Methods
SplunkLive! Zurich 2018: Intro to Security Analytics Methods
Splunk
 
Splunk Discovery: Warsaw 2018 - Legacy SIEM to Splunk, How to Conquer Migrati...
Splunk Discovery: Warsaw 2018 - Legacy SIEM to Splunk, How to Conquer Migrati...Splunk Discovery: Warsaw 2018 - Legacy SIEM to Splunk, How to Conquer Migrati...
Splunk Discovery: Warsaw 2018 - Legacy SIEM to Splunk, How to Conquer Migrati...
Splunk
 
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics MethodsSplunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
Splunk
 
Splunk Discovery: Warsaw 2018 - Reimagining IT with Service Intelligence
Splunk Discovery: Warsaw 2018 - Reimagining IT with Service IntelligenceSplunk Discovery: Warsaw 2018 - Reimagining IT with Service Intelligence
Splunk Discovery: Warsaw 2018 - Reimagining IT with Service Intelligence
Splunk
 
SplunkLive! Paris 2018: Use Splunk for Incident Response, Orchestration and A...
SplunkLive! Paris 2018: Use Splunk for Incident Response, Orchestration and A...SplunkLive! Paris 2018: Use Splunk for Incident Response, Orchestration and A...
SplunkLive! Paris 2018: Use Splunk for Incident Response, Orchestration and A...
Splunk
 
SplunkLive! Paris 2018: Splunk And AI 101
SplunkLive! Paris 2018: Splunk And AI 101SplunkLive! Paris 2018: Splunk And AI 101
SplunkLive! Paris 2018: Splunk And AI 101
Splunk
 
Splunk Webinar – IT Operations auf den nächsten Level bringen
Splunk Webinar – IT Operations auf den nächsten Level bringenSplunk Webinar – IT Operations auf den nächsten Level bringen
Splunk Webinar – IT Operations auf den nächsten Level bringen
Splunk
 

Contenu connexe

Tendances

SplunkLive! Zurich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
SplunkLive! Zurich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...SplunkLive! Zurich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
SplunkLive! Zurich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
Splunk
 

Tendances (20)

SplunkLive! Munich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
SplunkLive! Munich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...SplunkLive! Munich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
SplunkLive! Munich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
 
SplunkLive! Munich 2018: Data Onboarding Overview
SplunkLive! Munich 2018: Data Onboarding OverviewSplunkLive! Munich 2018: Data Onboarding Overview
SplunkLive! Munich 2018: Data Onboarding Overview
 
SplunkLive! Frankfurt 2018 - Intro to Security Analytics Methods
SplunkLive! Frankfurt 2018 - Intro to Security Analytics MethodsSplunkLive! Frankfurt 2018 - Intro to Security Analytics Methods
SplunkLive! Frankfurt 2018 - Intro to Security Analytics Methods
 
SplunkLive! Frankfurt 2018 - Legacy SIEM to Splunk, How to Conquer Migration ...
SplunkLive! Frankfurt 2018 - Legacy SIEM to Splunk, How to Conquer Migration ...SplunkLive! Frankfurt 2018 - Legacy SIEM to Splunk, How to Conquer Migration ...
SplunkLive! Frankfurt 2018 - Legacy SIEM to Splunk, How to Conquer Migration ...
 
SplunkLive! Frankfurt 2018 - Use Splunk for Incident Response, Orchestration ...
SplunkLive! Frankfurt 2018 - Use Splunk for Incident Response, Orchestration ...SplunkLive! Frankfurt 2018 - Use Splunk for Incident Response, Orchestration ...
SplunkLive! Frankfurt 2018 - Use Splunk for Incident Response, Orchestration ...
 
SplunkLive! Frankfurt 2018 - Data Onboarding Overview
SplunkLive! Frankfurt 2018 - Data Onboarding OverviewSplunkLive! Frankfurt 2018 - Data Onboarding Overview
SplunkLive! Frankfurt 2018 - Data Onboarding Overview
 
SplunkLive! Munich 2018: Getting Started with Splunk Enterprise
SplunkLive! Munich 2018: Getting Started with Splunk EnterpriseSplunkLive! Munich 2018: Getting Started with Splunk Enterprise
SplunkLive! Munich 2018: Getting Started with Splunk Enterprise
 
SplunkLive! Zurich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
SplunkLive! Zurich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...SplunkLive! Zurich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
SplunkLive! Zurich 2018: Legacy SIEM to Splunk, How to Conquer Migration and ...
 
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
 
SplunkLive! Frankfurt 2018 - Getting Hands On with Splunk Enterprise
SplunkLive! Frankfurt 2018 - Getting Hands On with Splunk EnterpriseSplunkLive! Frankfurt 2018 - Getting Hands On with Splunk Enterprise
SplunkLive! Frankfurt 2018 - Getting Hands On with Splunk Enterprise
 
SplunkLive! Zurich 2018: Monitoring the End User Experience with Splunk
SplunkLive! Zurich 2018: Monitoring the End User Experience with SplunkSplunkLive! Zurich 2018: Monitoring the End User Experience with Splunk
SplunkLive! Zurich 2018: Monitoring the End User Experience with Splunk
 
SplunkLive! Paris 2018: Event Management Is Dead
SplunkLive! Paris 2018: Event Management Is DeadSplunkLive! Paris 2018: Event Management Is Dead
SplunkLive! Paris 2018: Event Management Is Dead
 
SplunkLive! Zurich 2018: Event Analytics
SplunkLive! Zurich 2018: Event AnalyticsSplunkLive! Zurich 2018: Event Analytics
SplunkLive! Zurich 2018: Event Analytics
 
SplunkLive! Zurich 2018: Get More From Your Machine Data with Splunk & AI
SplunkLive! Zurich 2018: Get More From Your Machine Data with Splunk & AISplunkLive! Zurich 2018: Get More From Your Machine Data with Splunk & AI
SplunkLive! Zurich 2018: Get More From Your Machine Data with Splunk & AI
 
SplunkLive! Zurich 2018: Integrating Metrics and Logs
SplunkLive! Zurich 2018: Integrating Metrics and LogsSplunkLive! Zurich 2018: Integrating Metrics and Logs
SplunkLive! Zurich 2018: Integrating Metrics and Logs
 
SplunkLive! Zurich 2018: Intro to Security Analytics Methods
SplunkLive! Zurich 2018: Intro to Security Analytics MethodsSplunkLive! Zurich 2018: Intro to Security Analytics Methods
SplunkLive! Zurich 2018: Intro to Security Analytics Methods
 
Splunk Discovery: Warsaw 2018 - Legacy SIEM to Splunk, How to Conquer Migrati...
Splunk Discovery: Warsaw 2018 - Legacy SIEM to Splunk, How to Conquer Migrati...Splunk Discovery: Warsaw 2018 - Legacy SIEM to Splunk, How to Conquer Migrati...
Splunk Discovery: Warsaw 2018 - Legacy SIEM to Splunk, How to Conquer Migrati...
 
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics MethodsSplunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
 
Splunk Discovery: Warsaw 2018 - Reimagining IT with Service Intelligence
Splunk Discovery: Warsaw 2018 - Reimagining IT with Service IntelligenceSplunk Discovery: Warsaw 2018 - Reimagining IT with Service Intelligence
Splunk Discovery: Warsaw 2018 - Reimagining IT with Service Intelligence
 
SplunkLive! Paris 2018: Use Splunk for Incident Response, Orchestration and A...
SplunkLive! Paris 2018: Use Splunk for Incident Response, Orchestration and A...SplunkLive! Paris 2018: Use Splunk for Incident Response, Orchestration and A...
SplunkLive! Paris 2018: Use Splunk for Incident Response, Orchestration and A...
 

Similaire à SplunkLive! Frankfurt 2018 - Predictive, Proactive, and Collaborative ML with IT Service Intelligence

SplunkLive! Zurich 2017 - Advanced Analytics / Machine Learning
SplunkLive! Zurich 2017 - Advanced Analytics / Machine LearningSplunkLive! Zurich 2017 - Advanced Analytics / Machine Learning
SplunkLive! Zurich 2017 - Advanced Analytics / Machine Learning
Splunk
 
SplunkLive! London 2017 - Getting Started with Splunk IT Service Intelligence
SplunkLive! London 2017 - Getting Started with Splunk IT Service IntelligenceSplunkLive! London 2017 - Getting Started with Splunk IT Service Intelligence
SplunkLive! London 2017 - Getting Started with Splunk IT Service Intelligence
Splunk
 
DN18 | Applied Machine Learning in Cybersecurity: Detect malicious DGA Domain...
DN18 | Applied Machine Learning in Cybersecurity: Detect malicious DGA Domain...DN18 | Applied Machine Learning in Cybersecurity: Detect malicious DGA Domain...
DN18 | Applied Machine Learning in Cybersecurity: Detect malicious DGA Domain...
Dataconomy Media
 
SplunkLive! Analytics with Splunk Enterprise - Part 1
SplunkLive! Analytics with Splunk Enterprise - Part 1SplunkLive! Analytics with Splunk Enterprise - Part 1
SplunkLive! Analytics with Splunk Enterprise - Part 1
Splunk
 

Similaire à SplunkLive! Frankfurt 2018 - Predictive, Proactive, and Collaborative ML with IT Service Intelligence (20)

SplunkLive! Paris 2018: Splunk And AI 101
SplunkLive! Paris 2018: Splunk And AI 101SplunkLive! Paris 2018: Splunk And AI 101
SplunkLive! Paris 2018: Splunk And AI 101
 
Splunk Webinar – IT Operations auf den nächsten Level bringen
Splunk Webinar – IT Operations auf den nächsten Level bringenSplunk Webinar – IT Operations auf den nächsten Level bringen
Splunk Webinar – IT Operations auf den nächsten Level bringen
 
SplunkLive! Zurich 2017 - Advanced Analytics / Machine Learning
SplunkLive! Zurich 2017 - Advanced Analytics / Machine LearningSplunkLive! Zurich 2017 - Advanced Analytics / Machine Learning
SplunkLive! Zurich 2017 - Advanced Analytics / Machine Learning
 
SplunkLive! Paris 2018: Integrating Metrics and Logs
SplunkLive! Paris 2018: Integrating Metrics and LogsSplunkLive! Paris 2018: Integrating Metrics and Logs
SplunkLive! Paris 2018: Integrating Metrics and Logs
 
How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...
How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...
How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...
 
Still Suffering from IT Outages? Accept Failure, Learn from Failure and Get R...
Still Suffering from IT Outages? Accept Failure, Learn from Failure and Get R...Still Suffering from IT Outages? Accept Failure, Learn from Failure and Get R...
Still Suffering from IT Outages? Accept Failure, Learn from Failure and Get R...
 
Splunk Forum Frankfurt - 15th Nov 2017 - Machine Learning For Event Management
Splunk Forum Frankfurt - 15th Nov 2017 - Machine Learning For Event ManagementSplunk Forum Frankfurt - 15th Nov 2017 - Machine Learning For Event Management
Splunk Forum Frankfurt - 15th Nov 2017 - Machine Learning For Event Management
 
SplunkLive! Paris 2018: Delivering New Visibility And Analytics For IT Operat...
SplunkLive! Paris 2018: Delivering New Visibility And Analytics For IT Operat...SplunkLive! Paris 2018: Delivering New Visibility And Analytics For IT Operat...
SplunkLive! Paris 2018: Delivering New Visibility And Analytics For IT Operat...
 
SplunkLive! London 2017 - Getting Started with Splunk IT Service Intelligence
SplunkLive! London 2017 - Getting Started with Splunk IT Service IntelligenceSplunkLive! London 2017 - Getting Started with Splunk IT Service Intelligence
SplunkLive! London 2017 - Getting Started with Splunk IT Service Intelligence
 
SplunkLive! Paris 2018: Legacy SIEM to Splunk
SplunkLive! Paris 2018: Legacy SIEM to SplunkSplunkLive! Paris 2018: Legacy SIEM to Splunk
SplunkLive! Paris 2018: Legacy SIEM to Splunk
 
Splunk Artificial Intelligence & Machine Learning Webinar
Splunk Artificial Intelligence & Machine Learning WebinarSplunk Artificial Intelligence & Machine Learning Webinar
Splunk Artificial Intelligence & Machine Learning Webinar
 
AIOps Roundtable Munich 2018
AIOps Roundtable Munich 2018AIOps Roundtable Munich 2018
AIOps Roundtable Munich 2018
 
Predictive, Proactive, and Collaborative ML with iT Service Intelligence
Predictive, Proactive, and Collaborative ML with iT Service Intelligence Predictive, Proactive, and Collaborative ML with iT Service Intelligence
Predictive, Proactive, and Collaborative ML with iT Service Intelligence
 
Predictive, Proactive, and Collaborative ML with iT Service Intelligence
Predictive, Proactive, and Collaborative ML with iT Service Intelligence Predictive, Proactive, and Collaborative ML with iT Service Intelligence
Predictive, Proactive, and Collaborative ML with iT Service Intelligence
 
Taking Splunk to the Next Level - Management Breakout Session
Taking Splunk to the Next Level - Management Breakout SessionTaking Splunk to the Next Level - Management Breakout Session
Taking Splunk to the Next Level - Management Breakout Session
 
DN18 | Applied Machine Learning in Cybersecurity: Detect malicious DGA Domain...
DN18 | Applied Machine Learning in Cybersecurity: Detect malicious DGA Domain...DN18 | Applied Machine Learning in Cybersecurity: Detect malicious DGA Domain...
DN18 | Applied Machine Learning in Cybersecurity: Detect malicious DGA Domain...
 
SplunkLive! Analytics with Splunk Enterprise - Part 1
SplunkLive! Analytics with Splunk Enterprise - Part 1SplunkLive! Analytics with Splunk Enterprise - Part 1
SplunkLive! Analytics with Splunk Enterprise - Part 1
 
Splunk for AIOps: Reduce IT outages through prediction with machine learning
Splunk for AIOps: Reduce IT outages through prediction with machine learningSplunk for AIOps: Reduce IT outages through prediction with machine learning
Splunk for AIOps: Reduce IT outages through prediction with machine learning
 
Splunk Webinar: IT Operations Demo für Troubleshooting & Dashboarding
Splunk Webinar: IT Operations Demo für Troubleshooting & DashboardingSplunk Webinar: IT Operations Demo für Troubleshooting & Dashboarding
Splunk Webinar: IT Operations Demo für Troubleshooting & Dashboarding
 
Splunk ITOA Roundtable - Zurich: 30th November 2017
Splunk ITOA Roundtable - Zurich: 30th November 2017Splunk ITOA Roundtable - Zurich: 30th November 2017
Splunk ITOA Roundtable - Zurich: 30th November 2017
 

Plus de Splunk

SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security Webinar
Splunk
 

Plus de Splunk (20)

.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine
 
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
 
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica).conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
 
.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International
 
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett .conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
 
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär).conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
 
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu....conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
 
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever....conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
 
.conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex).conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex)
 
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
 
Splunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11y
 
Splunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go Köln
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go Köln
 
Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London
 
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
 
SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security Webinar
 
.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session
 
.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote
 
.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session
 
.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session
 

Dernier

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Dernier (20)

WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 

SplunkLive! Frankfurt 2018 - Predictive, Proactive, and Collaborative ML with IT Service Intelligence

  • 1. Predictive, Proactive, and Collaborative ML with IT Service Intelligence Not a Science Project – Creating Actionable Events Through Analytics Philipp Drieger | Staff Sales Engineer 10 April 2018 | Frankfurt
  • 2. During the course of this presentation, we may make forward-looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release. Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. ©2018 Splunk Inc. All rights reserved. Forward-Looking Statements
  • 3. © 2018 SPLUNK INC. Problem Statement Operations Teams need more time between an alert and a failure that has availability impacting ramifications. The introduction of Machine Learning is a must have in order to predict these failures. These notable events must be able to be pushed and collaborated on by teams in various tools.
  • 4. © 2018 SPLUNK INC. 1. What data do we need? 2. We Need Machine Learning 3. Real Use Case Example 4. Let’s Dive Into How it Works 5. Next Steps Agenda
  • 6. ▶ Key Performance Indicators (KPIs) • Defined metrics that are used to evaluate the overall status of the service ▶ Leading Indicators • Drivers of a result ▶ Lagging Indicators • Outcome of a result Indicators They Matter! Example Scenario DB Run Out of Space KPI Storage Value = 100% KPI User Response Time Value = 2000+ secs
  • 7. KPI’s So What? Understanding Leading vs Lagging KPIs From the Service Experts is Critical Use Case Data Needed Set Business Priorities Measure the Right KPIs Drive Decisions
  • 8. Data: Where to Get it I need it STAT
  • 9. Where Does Data Come From? Service Intelligence Machine Data Human Data Synthetic APM Application Code Code DeploymentNetwork Change Records Server Changes Byte Code Instrumentation ML Adaptive Thresholding Server Storage Service Intelligence ApplicationLayerInfrastructureLayer
  • 10. Use Splunk ITSI Provide flexible dependency service mapping for interactions at scale Leverage a platform to build out KPIs that ensure repeatability for consistency and allows aggregation and per entity KPI values Ease the burden of cleaning data What Do I Do With It Now
  • 11. We Need Machine Learning Do you want to watch it or let it go?
  • 12. Custom Machine Learning Success Formula Domain Expertise (IT, Security) ▶ ID Use Cases ▶ Set Business & Operations Priorities ▶ What KPIs Matter ▶ Drive Decisions Data Science Expertise ▶ Math/Stats Background ▶ Algorithm Selection ▶ Model Building ▶ Splunk ML Toolkit Splunk Expertise ▶ SPL ▶ Data Prep ▶ Operational Success
  • 13. Overview of ML at Splunk CORE PLATFORM SEARCH PACKAGED PREMIUM SOLUTIONS MACHINE LEARNING TOOLKIT Platform for Machine Data
  • 15. Deviation from past behavior Deviation from peers (aka Multivariate AD or Cohesive AD) Unusual change in features ITSI MAD Anomaly Detection Predict Service Health Score Predicting churn Predicting events Trend forecasting Detecting influencing entities Early warning of failure – predictive maintenance Identify peer groups Event correlation Reduce alert noise ITSI Event Analytics Anomaly Detection Predictive Analytics Clustering Splunk Customers Have ML Problems
  • 16. Splunk Machine Learning Toolkit 25+ standard algorithms available prepackaged New commands to fit, test and operationalize models EXAMPLE Algorithms Guide model building, testing and deployment for common objectives Interactive examples for 25+ use cases MLib Integration Showcase EXAMPLE EXAMPLE 300+ open source algorithms Assistants
  • 17. Event Analytics BUILT IN – IT Service Intelligence Machine Learning
  • 18. ▶ Notable Events are key • We created a notable for Web Store Service – Called webstore_health_alert • Lets see how Splunk can cluster this with other events to show other Notable Events that are attributed ▶ Smart Mode is actually Smart • It use clustering to group events remember unsupervised ML at the beginning and spot the anomalies IT Service Intelligence Event Analytics
  • 19. ▶ Take 1000s or 100s of 1000s of alerts and connect them ▶ Use ML prediction to improve correlation ▶ Boil the events down to reasonable count of Actionable Events The Diamonds in the Rough Clustering Events into Actionable Alerts
  • 21. © 2018 SPLUNK INC. ▶ Slack • Instant Message • Easy Channel Setup • Fast time to create incident working groups • Other Products just as easy HipChat, Skype etc… Slack
  • 22. © 2018 SPLUNK INC. ▶ Slack Setup • Install the Alert Action https://splunkbase.splunk.com/app/2878/ • For Core Searches – Configure as alert action in Alerts • For ITSI − Enable Slack in notable_event_actions.conf • Let’s add it to our to our Policy − Configure –> Notable Event Aggregation Policy –> Create New ChatOps Splunk + Slack
  • 23. Real Use Case Example Predictive Analytics in Real Time
  • 24. © 2018 SPLUNK INC. 1. Splunk ITSI allows for Rapid Service, KPI, Entity creation and alerting 2. Machine Learning through MLTK provides a repeatable ability to Predict Service Health 3. Splunk ITSI for Event Analytics enables teams to cluster Notable Events together to have one Actionable Alert 4. Splunk ITSI provides extendable capabilities to provide immediate notification to Chat Groups, Ticketing system and other communication platforms to improve the Mean Time to Remediate Availability Impacting Situations 5. Read the blog: ITSI and Sophisticated Machine Learning What to Remember and Where to Go if You Fell Asleep Key Takeaways
  • 25. Thank You! Don't forget to rate this session on Pony Poll https://ponypoll.com/frankfurt