Prelert Anomaly Detective

Anomaly Detective® uses advanced predictive analytics extend Splunk to enable highly accurate real-time alerts without the need to set thresholds.

Dashboards included:

* QuickMode - quickly converts your existing timechart searches to on-going, proactive anomaly searches
* Real-Time - detect developing anomalies using continuous background anomaly searches
* Compare - use to compare two searches at different times
* AutoDetect - extend an ad-hoc Splunk search with on-the-fly anomaly detection
* Categorize - automatically categorizes raw text fields based on similarity of text strings
* Operational Dashboard - visualize results of Real-Time anomaly searches in a heads-up display

Current version: v3.2.4 - changelog: http://goo.gl/hp34wo


Pricing: Free 30-day trial. Free for under 500 MB indexed daily. Pricing starts at $100/month above 1GB.

Unsupervised machine learning (self-learning) techniques analyze the fields, rates and values of your data and develop a model of the normal behaviors of your environment. These models are then leveraged to identify anomalous behaviors. When an issue develops, the Anomaly Detective highlights the data directly related to that issue.

Installs onto Splunk search head(s) as a 100% native app - no external servers/systems required.

Common Use-Cases:

  • IT Ops / APM
    • Alerting on response times w/o thresholds
    • Detecting spikes in error counts by type
  • Security
    • Detecting Brute force attacks / DDoS
    • Detect changes in outbound proxy traffic to prevent misuse / data leakage

more

Setup/Config:

Other Documentation:

10 ratings