Splunk AI-powers its Offerings for Security and Observability Platform

⇨ Splunk Inc., a leader in cybersecurity and observability, has announced Splunk AI, a suite of new AI-powered offerings to advance its unified security and observability platform.

⇨ Splunk AI integrates automation and human-in-the-loop interactions, allowing businesses to expedite detection, inquiry, and response while maintaining control over AI's application to their data.

⇨ Splunk AI Assistant leverages generative AI to provide an interactive chat experience and helps users author Splunk Processing Language (SPL) using natural language.

Splunk, a leader in cybersecurity and observability, has announced Splunk AI, a suite of new AI-powered offerings to advance its unified security and observability platform. Splunk AI integrates automation and human-in-the-loop interactions, allowing businesses to expedite detection, inquiry, and response while maintaining control over AI’s application to their data. Splunk AI offers assistive experiences and empower SecOps, ITOps and engineering teams to automatically mine data, detect anomalies, and prioritize critical decisions through intelligent risk assessment, and minimizing repetitive processes and human error.

Splunk’s AI approach is based on three key principles:

Domain and Splunk Specific: Splunk Al innovations offer domain-specific security and observability insights for accelerated detection, investigation and response while ensuring customers remain in control of how AI uses their data. The AI features are tailored to cater to the unique needs of security and observability use cases and can be seamlessly incorporated into workflows.

Human-in-the-Loop: The digital systems maintained by Splunk customers are among the most critical globally. Given the high stakes, it is crucial for AI to support human decision-making processes.

Open and Extensible: As Splunk integrates more AI directly into the platform, customers and partners will have the choice to expand Splunk’s models or include their own models, aligning with their policies and risk tolerance. These models can work Splunk data or data in other stores. This approach enables organizations to augment Splunk AI models or implement their own custom-made or third-party tools, thus providing a comprehensive and adaptable solution for various business needs.

By refining domain-specific large language models (LLMs) and machine learning algorithms built on security and observability data, Splunk AI lightens the workload of SecOps, ITOps, and engineering teams. This allows them to focus on more strategic tasks, thereby speeding up productivity and reducing costs.

All new offerings within Splunk AI are now generally available, except for Splunk AI Assistant and ML-Assisted Thresholding which are available in preview.

Here are some platform features:

Splunk AI Assistant (Preview): Splunk AI Assistant leverages generative AI to provide an interactive chat experience and helps users author Splunk Processing Language (SPL) using natural language. The app preview fosters an immersive experience where users can ask the AI chatbot to write or explain customized SPL queries to increase their Splunk knowledge. Splunk AI Assistant improves time-to-value and helps make SPL more accessible, further democratizing an organization’s access to, and insights from, its data.

Splunk App for Anomaly Detection: This feature equips Splunk users with the capability to discover anomalies in their time series data sets and metrics using robust machine learning algorithms with a few simple clicks. It also offers a comprehensive operational workflow to facilitate the creation and execution of anomaly detection tasks, along with triggering alerts based on these tasks.

Machine Learning Toolkit (MLTK) 5.4: Users are now empowered by machine learning to upload their externally pre-trained ONNX models using a straightforward user interface. They can then utilize these models with their Splunk data without altering their current workflow.

Splunk App for Data Science and Deep Learning (DSDL) 5.1: The MLTK is enhanced with sophisticated custom machine learning and deep learning systems. It now incorporates two new natural language processing AI assistants. These allow customers to employ large language models (LLMs) for building and training models using their domain-specific data, targeting text summarization and text classification use cases.