At the annual Splunk Worldwide User’s Conference today, Splunk unveiled a series of updates to its portfolio that significantly expand how machine learning can be applied to improve IT operations.
The latest versions of Splunk Enterprise and Splunk Cloud expand the usage of machine learning in the core platform to make it possible to analyze more IT events in parallel. At the same time, Spunk is extending the reach of its machine learning algorithms to Splunk IT Service Intelligence as well as Splunk User Behavior Analytics (UBA) applications it built on top of the core Splunk platform.
In addition, Splunk has updated the user interface of Splunk Enterprise Security, which provides the foundation on top of which the Splunk Adaptive Response framework is built. That framework employs machine learning to correlate security events generated by third-party security technologies from vendors such as Palo Alto Networks and Carbon Black.
Jon Rooney, senior director of IT solutions marketing for Splunk, says it’s become apparent that there are not enough IT staff available to manage modern IT environments at scale. Given the vast amounts of machine data that Splunk can get, it makes a platform that is already widely used by internal IT teams the most logical place to employ machine learning algorithms to automate various IT processes.
“We’re trying to make it possible to trigger better and faster decisions,” says Rooney.
As a step toward employing artificial intelligence (AI) to manage IT operations, there’s naturally a certain amount of apprehension when it comes relying on IT automation to identify issues and then implement fixes. The core decision regarding what action should be taken remains with the IT operations teams. But the fact is, there are now too many IT events occurring at the same time for the average IT operations management team to correlate in a way that enables them to act on that information in a timely manner without employing advanced analytics.
Because of this issue, increased reliance on machine learning algorithms across the enterprise is now all but inevitable. The task is to figure out which lower-level IT functions can be automated to allow the IT organization to focus the limited resources they do have on higher-level functions that add the most value to the business.