Splunk Introduces Advanced AI Enhancements for Observability, Security and IT Service Intelligence

• 13 Jun 2024
• TM Team
• 0 Comments

Splunk, the cybersecurity and observability leader, introduced a collection of AI tools across its product portfolio to enable organizations to speed up routine tasks and enhance their ability to get insights from data fast. Splunk’s generative AI-powered Assistants can help every user become a security and observability expert.

Splunk has expanded its AI capabilities with new generative AI assistants in Observability Cloud and Security, providing customers with improved IT visibility and enhanced proactive threat mitigation capabilities. Additionally, the company has made its Splunk AI Assistant for SPL generally available, helping customers derive insights from Splunk using natural language. Moreover, Splunk unveiled new AI capabilities for IT Service Intelligence (ITSI), including Configuration Assistant, aimed at streamlining configuration processes and optimizing operational efficiency, along with Drift Detection for KPIs and entity-level Adaptive Thresholds for more accurate detection.

“AI is the cornerstone of Splunk’s strategy for driving enhancements with our industry-leading security and observability solutions,” said Hao Yang, VP, Head of AI at Splunk. “Our AI Assistants are designed to help users do their jobs easier and faster. We are currently adding generative AI tools to our product portfolio to accelerate detection, investigation and response workflows. Looking ahead, we aim to further refine the integration of advanced AI technologies, and continue to deliver more reliable and more secure IT outcomes for our customers.”

Expedite Investigations and Enhance Effectiveness with New AI Assistants in Observability Cloud and Security

The AI Assistant in Observability Cloud introduces a generative AI-powered feature designed to streamline detection, exploration and investigation for engineering teams, with a natural language interface. By analyzing metrics, traces and logs, the AI Assistant helps enable software developers and Site Reliability Engineers (SREs) to quickly extract valuable insights, accelerating their day-to-day tasks, root cause analysis and issue resolution. This removes barriers and reduces expertise required to solve problems, making troubleshooting and data exploration journeys more accessible, and increasing operational efficiency.

Splunk also unveiled the AI Assistant in Security. Designed to expedite security analysts’ investigations and daily workflows by leveraging generative AI capabilities, this assistant streamlines the investigative process with analyst guidance and summarizes incident data. Offering AI-assisted security workflow guidance and generating security-specific Splunk Search Processing Language (SPL) accelerates investigations and response times, empowering analysts to fortify defenses against evolving threats with simplified processes and enhanced efficiency.

Splunk AI Assistant for SPL Accelerates Data Understanding

Splunk AI Assistant for SPL helps customers interact with Splunk’s data analytics platform using natural language, bridging the gap between human intuition and machine-driven analytics. This innovative tool allows analysts to execute complex analysis using natural language, understand existing Splunk Processing Language (SPL) queries with step-by-step explanations and search through product documentation to answer how-to questions.

By translating between natural language and SPL queries, Splunk AI Assistant improves analyst productivity and decision-making effectiveness. It further empowers organizations to optimize data analysis and incident response, positioning them to thrive in today’s data-driven world.

“We are integrating AI capabilities (assistants) into our solutions,” said Bongsu Cho, VP of AI & Big Data Division at LG Electronics. “More than ever before, it’s a competitive advantage to quickly and efficiently gain critical insights from your data which significantly enhances operational efficiency and proactive threat mitigation, ensuring robust digital resilience. A strategic AI approach across solutions ultimately drives innovation and strengthens business continuity in an increasingly complex digital landscape."

Advanced AI in IT Service Intelligence (ITSI)

Recently announced at Cisco Live, Splunk introduced a Configuration Assistant to its IT Service Intelligence (ITSI) solution, which leverages advanced AI and machine learning capabilities to manage and optimize configurations, proactively surfacing insights into the health of ITSI knowledge objects, such as KPIs, services, and entities. It provides a centralized console that helps IT administrators maintain accurate alerting by providing insights into outdated threshold models and optimizing those with a guided remediation, giving them a more accurate view of their IT health and reducing false positive alerts.

Splunk is also showcasing two new features as part of ITSI: Drift Detection for KPIs and entity-level Adaptive Thresholds. Drift Detection for KPIs helps users spot potential issues early by showing KPIs that exhibit gradual changes or sudden deviations from normal patterns. Additionally, Splunk’s entity-level Adaptive Thresholds allows users to create dynamic baselines at an entity level, and generate alerts if they behave abnormally. Both features are in public preview.