Splunk announces new machine learning enhancements to core platform solutions

Splunk Data Stream Processor, Machine Learning Toolkit and Splunk Connected Experience get major updates, while Splunk reiterates how their Google partnership and new Remote Work Insights App fit into their strategy.

Splunk has announced a series of updates to strengthen the foundational technologies of the Splunk platform and extend its machine learning capabilities.

“This is a broad and continued investment in our Data to Everything platform, which itself is a recognition of the fact that our customers can do some pretty amazing things with it,” said Josh Klahr, Splunk’s VP of Core Products.

They start with enhancements to Splunk’s Data Stream Processor [DSP] real-time stream processing solution.

“Splunk DSP 1.1 is a really big component of the platform release,” Klahr said. “It adds support for what customers have asked for the most, to be able to route data to a non-Splunk source like an S3 data lake. DSP 1.1 is a continued realization of two things. One is that intelligence is moving to the stream. The second is that while the index is a valuable part, it’s not the only one people want to use. DSP highlights the importance of streaming data.”

Also announced was the Splunk Machine Learning Toolkit MLTK] version 5.2, which is Available with Splunk Cloud or Splunk Enterprise. The new functionality here is a simplified interface designed to let more non-technical users make greater use of the machine learning capabilities.

“While MLTK has been built into Splunk for a while, MLTK  5.2 continues our investments in smart assistants that guide workflows,” Klahr stated. “Here we have added support for a smart clustering assistant. It will ask you what attributes are interesting about a class of servers and walk you through the process of creating a clustering model and ongoing model management.”

“There’s a very interesting dynamic where there’s a class of data scientists who think that business users can’t do something like this,” Klahr continued. “But customers with simple machine learning capabilities can get pretty far and do more with their data with this.”

For Splunk Cloud, Splunk IT Service Intelligence [ITSI] 4.5 for Splunk Cloud is being announced. It delivers a centralized framework for monitoring and investigation in one view, and increased capacity for service and event management to support large deployments.

Splunk is also reiterating its important new partnership with Google Cloud, which was announced earlier this month.

“This is really big for us, and there has been a lot of positive public response to our Google Cloud partnership,” Klahr said. “There is a class of customers who have made a big bet on Google Cloud. It includes large retailers, and we have a big segment of retail customers who asked us for this. Google is also very popular with application developers and we have made a big bet on AppDev with our acquisition of [cloud monitoring vendor] SignalFx.”

“We’ve had a great partnership with AWS for a long time, but having a multicloud offering was important to many of our partners,” said Brooke Cunningham, Splunk’s VP of Partner Programs. “Many were already working with Google Cloud with other vendors.”

Splunk is also building on their mobile capabilities with the addition of Mobile Device Management [MDM] to Splunk Connected Experience, which provides mobile users with the ability to access their data with augmented reality, virtual reality and mobile applications.

“We first announced our investment in mobile two years ago, and the big announcement here is support for MDM,” Klahr said. The support for MDM providers like MobileIron and AirWatch lets customers securely deploy Splunk Mobile at scale.

“For companies who have techs in the field who need Splunk data on the go, mobile has really expanded the user base,” Klahr indicated.

“We are really excited about the maturation of mobile among our partners,” Cunningham said. “We were doing technical roadshows before the lockdown. and mobile was of great interest to partners.”

Klahr said that while Splunk’s capabilities around Work From Home is not officially part of the announcement, there are things here which are relevant.

“I would highlight how the recent move to remote work has created an interesting ability for us to apply our Data to Everything Platform to the concept of remote work,” he said. “Two months ago we introduced Remote Work Insights, which lets customers handle stress of remote work, and can show them things like how many employees log in from home and bandwidth consumption. We  were able to launch this app in a very short period of time, which highlights the power of a modern SaaS company.”

Klahr said that the next phase here will be customer questions about Return to Work.

“If there’s a set of criteria they want to be tracking, and what data they will need to do that in an effective way, Splunk customers will already have that data in their system.”

“We’ve had an amazing joint response with our partners around COVID-19 and Remote Work Insights,” Cunningham said. “AWS has been working with us on underpinning this, and we’ve partnered with Cisco around their AnyConnect solution, and with some of the SIs like Accenture and Deloitte. We are doing joint work for customers around analytics engine for next-generation workforce monitoring, and telehealth.”