Splunk® Data Stream Processor

Use the Data Stream Processor

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

About the Streaming ML Plugin

The Streaming ML plugin offers a machine-learning powered data ingestion experience with a range of functions that perform in-flight data analysis. Using real time machine learning, models are constantly updated. Trained models both learn on the stream and score on the stream.

You must |install the Streaming ML plugin to access these functions.

Streaming ML functions are orders of magnitude faster than alternative approaches to machine learning. On average, these functions process up to 10K records per second (approximately 150 GB per day). Higher throughput volumes may experience some delay.

What the plugin includes

The Streaming ML plugin offers several streaming functions and two aggregation functions.

All Streaming ML functions are currently in beta.

Streaming functions:

Aggregation functions:

How to install the Streaming ML plugin

Use the following directions to install the Streaming ML plugin for your Splunk Data Stream Processor.

Prerequisites

  • Splunk Data Stream Processor version 1.2 (and above) on-prem is installed on the machine.
  • The machine is configured with SCloud command-line tool.

To learn about SCloud, see Get started with SCloud.

Installation steps

  1. On the master node of the cluster or on a single instance machine, navigate to the Splunk Data Stream Processor working directory.
    cd <dsp-folder-name>
    
  2. Run the "deploy-ml-plugin" command to install the plugin. You must run the command with root permission.
    ./deploy-ml-plugin
    
  3. You will be prompted to enter the administrator password for your Splunk Data Stream Processor.
    Please enter DSP password:
    {dsp_password}
    
  4. Once you enter the password and installation is complete, a success message appears:
    [OK] Splunk Streaming ML Plugin is uploaded successfully!
    
  5. Reload the browser page and the Streaming ML functions appear.

Uninstall the plugin

To uninstall the Streaming ML plugin, run the command with a -d option.

The following example shows the command with a -d option:

sudo ./deploy-ml-plugin -d

Once the uninstall is complete, a success message appears:

[OK] Plugin deleted: 4b4b921a-5455-4bd0-8878-f0920d48c333.
Last modified on 07 January, 2021
PREVIOUS
Troubleshoot lookups to the Splunk Enterprise KV Store
  NEXT
Create custom functions with the Splunk Data Stream Processor SDK

This documentation applies to the following versions of Splunk® Data Stream Processor: 1.2.0


Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters