Splunk MLTK’s Cluster Numeric Events assistant to cluster the behaviour of employees

In this video, we use the Splunk Machine Learning Toolkit's (MLTK) Cluster Numeric Events assistant to partition events with multiple numeric fields into clusters. In this example, a security analyst could cluster the behavior of employees based on how frequently they use business applications such as Webmail or the VPN.

About The Author
- Splunk was founded to pursue a disruptive new vision: make machine data accessible, usable and valuable to everyone. Machine data is one of the fastest growing and most pervasive segments of "big data"—generated by websites, applications, servers, networks, mobile devices and all the sensors and RFID assets that produce data every second of every day. By monitoring and analyzing everything from customer clickstreams and transactions to network activity and call records—and more—Splunk turns machine data into valuable insights no matter what business you're in. It's what we call operational intelligence.
