Splunk announced expanded machine learning capabilities across its product portfolio with the release of Splunk Enterprise 7.0, Splunk IT Service Intelligence (ITSI) 3.0, Splunk User Behavior Analytics (UBA) 4.0 and updates to Splunk Cloud.
Splunk also introduced an updated suite of solutions that apply analytics and machine learning to fraud and cloud monitoring use cases.
“Machine learning is critical to customer success and to the evolution of Splunk. Our seamlessly integrated capabilities open up machine learning to everyone, enabling our customers to better predict future outcomes and more effectively analyze their data,” said Richard Campione, Chief Product Officer, Splunk. “Data is a strategic advantage and organizations are looking for the fastest, most efficient way to turn data into answers. With machine learning and metrics advancements that anyone can use, Splunk Enterprise 7.0 and Splunk Cloud powerfully deliver mission-critical answers faster and easier than ever before.”
Splunk Enterprise 7.0 and Splunk Cloud help customers better monitor, investigate and gain intelligence with their data, while delivering massive improvement in performance and scale. Support for metrics accelerates monitoring and alerting by at least 20x, and optimizations to core search technology deliver 3x speed improvement. With these enhancements, customers can use the Splunk platform to predict future IT, security and business outcomes through integrated machine learning techniques backed by powerful, extensible algorithms. These machine learning advances enable users to collect, prepare, transform, explore, visualize and publish data insights.
Splunk also announced new, advanced machine learning capabilities for its existing premium-packaged solutions, including:
- Splunk ITSI 3.0: The latest version of Splunk ITSI revolutionizes event monitoring by combining service context with machine learning to help identify existing and potential issues, prioritize restoration of business-critical services and deliver analytics-driven IT operations. Splunk ITSI 3.0 applies service context, including dependencies, to events and employs machine learning to reduce the noise of alert fatigue and surface only the most critical information.
- Splunk UBA 4.0: The new version of Splunk UBA enables customers to create and load their own machine learning models to identify custom anomalies and threats via Splunk UBA’s new software development kit (SDK). This capability opens up Splunk UBA to the world, giving users more power to detect insider attacks and automate correlation of anomalous behavior into high fidelity threats.
- Machine Learning Toolkit: Free to any customer, the Splunk Machine Learning Toolkit (MLTK) is a data science application that anyone can use to predict future IT, security and business outcomes. Recent updates include machine learning model management, which integrates user permissions via an intuitive user interface. In addition, the MLTK now includes public machine learning APIs for open source and proprietary algorithms, and a data prep module to help customers prepare and clean their data before initiating machine learning modeling.
With increased demand for premium-packaged solutions, Splunk is also announcing new and updated solutions to tackle specific customer security needs in security and IT operations:
- Splunk ES Content Update: Bringing human intelligence and machine data closer, Splunk Enterprise Security (ES) Content Update is a new subscription service that offers pre-packaged security content to Splunk ES customers. Splunk ES Content Update will regularly deliver dynamic new content to security practitioners to detect specific threats, help security teams investigate threats and manage the decision-making process to make it easier to choose responses.
- Security Essentials for Fraud Detection: Splunk Security Essentials for Fraud Detection is a free Splunk app that guides customers on how to use Splunk to identify and investigate different types of fraud, including healthcare, payment card and transactional fraud. Using Splunk MLTK and a range of Splunk data analysis functions, Splunk Security Essentials for Fraud Detection makes it easier for customers to understand and adapt fraud use cases for their own environments.
- Splunk Insights for AWS Cloud Monitoring: Also available in the Amazon Marketplace as an Amazon Machine Image (AMI), Splunk Insights for AWS Cloud Monitoring provides organizations with an analytics-based approach to cloud monitoring. This solution offers real-time awareness of performance, security, operational and cost management insights from Amazon Web Services (AWS).
- Splunk Insights for Ransomware: Splunk Insights for Ransomware is a solution priced per user that provides organizations with real-time insights for proactive assessment and rapid investigation of potential ransomware threats.
- Booz Allen Hamilton Cyber4Sight for Splunk: A solution which empowers security analysts and threat hunters with actionable threat intelligence, Cyber4Sight for Splunk is now generally available. The new app combines cyber insights and security intelligence from Booz Allen’s threat intelligence service with analytics-driven security insights from Splunk ES.
Splunk Enterprise 7.0 is available today, with Splunk ITSI 3.0 and UBA 4.0 available next month. The new version of Splunk Cloud will be available by January 2018.
The Latest
In the world of digital-first business, there is no tolerance for service outages. Businesses know that outages are the quickest way to lose money and customers. For smaller organizations, unplanned downtime could even force the business to close ... A new study from PagerDuty, The State of AI-First Operations, reveals that companies actively incorporating AI into operations now view operational resilience as a growth driver rather than a cost center. But how are they achieving it? ...
In live financial environments, capital markets software cannot pause for rebuilds. New capabilities are introduced as stacked technology layers to meet evolving demands while systems remain active, data keeps moving, and controls stay intact. AI is no exception, and its opportunities are significant: accelerated decision cycles, compressed manual workflows, and more effective operations across complex environments. The constraint isn't the models themselves, but the architectural environments they enter ...
Like most digital transformation shifts, organizations often prioritize productivity and leave security and observability to keep pace. This usually translates to both the mass implementation of new technology and fragmented monitoring and observability (M&O) tooling. In the era of AI and varied cloud architecture, a disparate observability function can be dangerous. IT teams will lack a complete picture of their IT environment, making it harder to diagnose issues while slowing down mean time to resolve (MTTR). In fact, according to recent data from the SolarWinds State of Monitoring & Observability Report, 77% of IT personnel said the lack of visibility across their on-prem and cloud architecture was an issue ...
In MEAN TIME TO INSIGHT Episode 23, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA discusses the NetOps labor shortage ...
Technology management is evolving, and in turn, so is the scope of FinOps. The FinOps Foundation recently updated their mission statement from "advancing the people who manage the value of cloud" to "advancing the people who manage the value of technology." This seemingly small change solidifies a larger evolution: FinOps practitioners have organically expanded to be focused on more than just cloud cost optimization. Today, FinOps teams are largely — and quickly — expanding their job descriptions, evolving into a critical function for managing the full value of technology ...
Enterprises are under pressure to scale AI quickly. Yet despite considerable investment, adoption continues to stall. One of the most overlooked reasons is vendor sprawl ... In reality, no organization deliberately sets out to create sprawling vendor ecosystems. More often, complexity accumulates over time through well-intentioned initiatives, such as enterprise-wide digital transformation efforts, point solutions, or decentralized sourcing strategies ...
Nearly every conversation about AI eventually circles back to compute. GPUs dominate the headlines while cloud platforms compete for workloads and model benchmarks drive investment decisions. But underneath that noise, a quieter infrastructure challenge is taking shape. The real bottleneck in enterprise AI is not processing power, it is the ability to store, manage and retrieve the relentless volumes of data that AI systems generate, consume and multiply ...
The 2026 Observability Survey from Grafana Labs paints a vivid picture of an industry maturing fast, where AI is welcomed with careful conditions, SaaS economics are reshaping spending decisions, complexity remains a defining challenge, and open standards continue to underpin it all ...
The observability industry has an evolving relationship with AI. We're not skeptics, but it's clear that trust in AI must be earned ... In Grafana Labs' annual Observability Survey, 92% said they see real value in AI surfacing anomalies before they cause downtime. Another 91% endorsed AI for forecasting and root cause analysis. So while the demand is there, customers need it to be trustworthy, as the survey also found that the practitioners most enthusiastic about AI are also the most insistent on explainability ...
In the modern enterprise, the conversation around AI has moved past skepticism toward a stage of active adoption. According to our 2026 State of IT Trends Report: The Human Side of Autonomous AI, nearly 90% of IT professionals view AI as a net positive, and this optimism is well-founded. We are seeing agentic AI move beyond simple automation to actively streamlining complex data insights and eliminating the manual toil that has long hindered innovation. However, as we integrate these autonomous agents into our ecosystems, the fundamental DNA of the IT role is evolving ...