How to Forecast Values Using Splunk Machine Learning Toolkit

How to Forecast Values Using Splunk Machine Learning Toolkit

Hello everyone !!!

Today we have come with a most interesting and useful topic of Splunk that is Forecasting . Forecasting means to predict some values of future using present values. All of you heard about the application called Splunk Machine Learning Toolkit ( MLTK ) in Splunk . This application is basically used for forecasting the data. Today we will show you how to forecast the data in Splunk Machine Learning Toolkit. Follow the below steps to forecast the data.

Step 1:

Open the Splunk Machine Learning Toolkit


Step 2:

By default it will open Showcase page in Splunk Machine Learning Toolkit . For forecasting new data click on Experiment.


Step 3:

Select your desired Assistant to create a new Experiment. Here we have selected Forecast Time Series for our prediction.


Step 4:

Give an Experiment Title for creating an Experiment . We have given the title as  Method Count Prediction . Click on Create.


Step 5:

Enter a search string for prediction . We have given the search string as index=_internal sourcetype=splunkd_ui_access | timechart span=1h count(method) as method_count

We are running the search for last 24 hours. Hit enter to get the result.


Step 6:

You can preview the data which is generated by the query.


Step 7:

Select the Field to Forecast which you want to predict. We have selected method_count for forecast. Also give the Method for prediction and you can give the Future  Timespan and Holdback as well.We have selected Method as LL(local level).You can utilize other Methods too as per your data . Click on the Forecast to predict the value. To know more about prediction methods,future timespan and holdback see Usage of Splunk commands  : PREDICT.

You can also know about :  How to find Number of days between two custom dates, excluding weekends and holidays?


Step 8:

View the Forecast result.


Step 9:

To see the SPL behind this Forecast click on Show Spl.


Step 10 :

Now you can see the SPL query. One predict command portion is generating by default . 


Step 11:

After forecasting click on Save to save the experiment.



Step  12:

To see the saved experiments click on Go to Listing Page.


Step 13:

Now you can see the Experiment in the list which you have saved.


Hope this has helped you in achieving the below requirement without fail !!

How to Forecast Values Using Splunk Machine Learning Toolkit


Happy Splunking !!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.