Install or upgrade the Splunk App for Anomaly Detection
The Splunk App for Anomaly Detection uses machine learning in a simplified workflow to help you find anomalies in time-series data. Use the following directions to install the Splunk App for Anomaly Detection.
The app works on both Splunk Enterprise and Splunk Cloud Platform. After installation, the application is immediately available to use on data loaded in your Splunk instance. No additional configuration steps are needed.
The app works with any dataset that you can ingest into the Splunk platform environment. Similar to other Splunk applications, the CPU and memory resources the app consumes is commensurate with the size of the datasets you use.
Version dependencies
The Splunk App for Anomaly Detection relies on the Splunk Machine Learning Toolkit (MLTK) app and the Python for Scientific Computing (PSC) add-on.
The Splunk App for Anomaly Detection relies on the PSC add-on, but an ARM-compatible PSC version is not available. Thus, the app does not work on Mac M1 or M2 laptops.
See the following table to ensure you are running compatible versions of the apps:
| Splunk App for Anomaly Detection version | MLTK version | PSC version |
|---|---|---|
| 1.1.0 | 5.3.0 or higher | 3.0.0 or higher |
| 1.0.0 | 5.4.0 | 3.1.0 or 4.1.0 |
For specific version information that includes the Splunk App for Anomaly Detection, MLTK, the PSC add-on, and Splunk Enterprise, see Splunk App for Anomaly Detection version matrix.
Install the app from Manage Apps
Perform the following steps to install the Splunk App for Anomaly Detection:
- Download the Splunk App for Anomaly Detection from Splunkbase.
- In Splunk Web, select the Manage Apps icon next to Apps in the left navigation bar.
- On the Apps page, select Install app from file.
- Select Choose File to navigate to and select the package file for the Splunk App for Anomaly Detection. Then click Open.
- Select Upload.
- Restart your Splunk instance after installing the Splunk App for Anomaly Detection.
- Following the restart, you can see the app listed and available for use.
Install the app from Find More Apps
Perform the following steps to install the Splunk App for Anomaly Detection:
- Select +Find More Apps from the left navigation bar.
- Use a keyword such as "Anomaly" to see the Splunk App for Anomaly Detection.
- Choose Install.
- Input your username and password, review the terms and conditions, then Agree and Install.
- Your instance will require a restart.
- Following the restart, you can see the app listed and available for use.
Install the app on a search head cluster
The Splunk App for Anomaly Detection is supported on search head clusters. For more information, see Install an add-on in a distributed Splunk Enterprise deployment in the Splunk Add-ons manual.
Upgrade the app
Any jobs created and saved in version 1.0.0 carry over to version 1.1.0 when you upgrade. You might need to clear your browser cache after upgrading to see your saved jobs on the updated Job Dashboard user interface.
In Splunk Web, an Update option shows on the app icon in the left-hand Apps menu when a new version of an app is available on Splunkbase. Click that Update option to initiate the app update process.
Alternatively, you can perform the following steps:
- Download the latest version of the app from Splunkbase.
- In Splunk Web, click on the gear icon next to Apps in the left navigation bar.
- On the Apps page, click Install app from file.
- Click Choose File, navigate to and select the package file for the app or add-on, then click Open.
- Check the Upgrade app box.
- Click Upload.
| About the Splunk App for Anomaly Detection | Splunk App for Anomaly Detection workflow |
This documentation applies to the following versions of Splunk® App for Anomaly Detection: 1.1.0
Download manual
Feedback submitted, thanks!