Upgrade the Splunk Machine Learning Toolkit
The Splunk Machine Learning Toolkit (MLTK) regularly releases new features and enhancements. You can learn about new features and enhancements by release version, on the What's new page.
The Splunk Enterprise Security App relies on MLTK and the PSC add-on. If you are a Splunk Enterprise Security App user, and you are upgrading that app, restart your Splunk instance first. Doing so closes any background PSC processes that can cause the Splunk Enterprise Security App upgrade to error out.
Requirements
Running MLTK version 5.4.1 requires Splunk Enterprise 8.2.x or higher or Splunk Cloud Platform.
The Splunk Machine Learning Toolkit requires the Python for Scientific Computing (PSC) add-on. Version 5.4.1 of MLTK requires version 4.2.0, 4.1.2, 4.1.0, or 3.1.0 of PSC. These versions of PSC include the ONNX library and are required to bring pre-trained ONNX models into MLTK. See, Upload and inference pre-trained ONNX models in MLTK.
If you have any custom algorithms that rely on the PSC libraries, upgrading the PSC add-on impacts those algorithms. You must re-train any models (re-run the search that used the fit command) using those algorithms after you upgrade PSC.
Version 4.0.0 of PSC is only available when using MLTK version 5.3.3. Version 4.0.0 provides updates and adds several libraries in the package. In particular, Pytorch, cpuonly, transformers, onnxruntime, pydantic, and watchdog Version 4.0.0 of PSC has additional installation steps.
Version dependencies
For version information that includes MLTK, the PSC add-on, Python, and the Splunk platform, see Splunk Machine Learning Toolkit version dependencies.
If a newer version of PSC is required for the version of MLTK you upgrade to, an in-app instruction to upgrade PSC appears when you run the upgraded version of MLTK.
MLTK version PSC version 5.4.1 3.1.0, 4.1.0, 4.1.2, or 4.2.0 5.4.0 3.1.0, 4.1.0, or 4.1.2 5.3.3 3.0.2, 3.1.0, 4.0.0, 4.1.0, or 4.1.2 5.3.1 3.0.0, 3.0.1, or 3.0.2 5.3.0 3.0.0, 3.0.1, or 3.0.2 5.2.2 2.0.0, 2.0.1, or 2.0.2 5.2.1 2.0.0, 2.0.1, or 2.0.2 5.2.0 2.0.0, 2.0.1, or 2.0.2 5.1.0 2.0.0, 2.0.1, or 2.0.2 5.0.0 2.0.0, 2.0.1, or 2.0.2 4.5.0 1.4
Upgrade in Splunk Web
In Splunk Web, click the Update option on the app icon in the left-hand Apps bar. The Update option appears when a new version of an app is available on Splunkbase.
Upgrade from Manage Apps
Follow these steps to upgrade the Splunk Machine Learning Toolkit using Manage Apps:
- Download the latest version of the Splunk Machine Learning Toolkit app from Splunkbase
- In Splunk Web, select the Manage icon next to Apps in the left navigation bar as shown in the following image:
- On the Apps page, select Install app from file.
- Select Choose File to navigate to and select the package file for MLTK. Then click Open.
- Check the Upgrade app box.
- Click Upload.
In a distributed deployment and depending on your environment, you might need to upgrade MLTK and PSC in multiple places.
Upgrade from the command line
On the command line (CLI), run the command that corresponds to your operating system:
| Operating system | Command line |
|---|---|
| Unix/Linux | ./splunk install app <app_package_filename> -update 1 -auth <username>:<password>
|
| Windows | splunk install app <app_package_filename> -update 1 -auth <username>:<password>
|
Alternatively, unpack/unzip the file then copy the app directory to $SPLUNK_HOME/etc/apps on Unix based systems or %SPLUNK_HOME%\etc\apps on Windows systems.
| Install the GitHub for Machine Learning App | Splunk Machine Learning Toolkit version dependencies |
This documentation applies to the following versions of Splunk® Machine Learning Toolkit: 5.4.1
Download manual
Feedback submitted, thanks!