With Splunk Enterprise 6.5, the company’s enterprise-level offerings now feature machine learning, an ingredient that’s all but obligatory for any big data product. But Splunk’s approach is less opaque than most, and it encourages enterprise devs to build with it instead of merely deploying it.
Splunk has two offerings for machine learning: a prepackaged set of functionalities for common use cases, and a developer toolkit for building custom machine learning models that can be leveraged against data harvested with Splunk.
Enterprises getting their feet wet with either Splunk, machine learning, or a combination of the two can start with the Splunk IT Service Intelligence, Splunk User Behavior Analytics, and Splunk Enterprise Security bundled solution sets.
All of these focus on problems where enterprises have to paw through mountains of data and perform analyses on them that reflect common business problems. For instance, if you want to use machine intelligence to guard against outside attacks or insider threats, you’d most likely use some kind of anomaly detection algorithm. But you’d need to ensure that the algorithm can adapt intelligently and not get swamped by natural changes in behavior.