Anomaly Detective for Splunk

Support Center

Tips and Tricks

  • Multi-sourcetype Analysis

    In order to simultaneously analyze multiple fields across multiple sourcetypes, the Anomaly Detective relies o...

    Feb 14, 2014 01:54PM EST
  • Analyzing only "top N" items

    A customer of ours recently inquired about the possibility of only analyzing data from his "top 5" of his clie...

    Feb 05, 2014 01:46PM EST
  • bucketspan - Best Practices

    All modes of Anomaly Detective can leverage a command-line option called "bucketspan" - it is an optionally sp...

    Jun 23, 2013 07:55AM EDT
  • Compare Mode - Best Practices

    The Compare mode is a useful way to compare two time ranges against each other, looking for statistical anomal...

    Jun 17, 2013 11:11PM EDT
  • Custom Anomaly Dashboards

    NOTE: Prelert Dashboard components leverage Splunk's "advanced XML" which is compatible with Splunk v5.x and v...

    Jul 16, 2014 02:24PM EDT
  • Anomaly Score and Probabilities

    In the Anomaly Detective, there are a few key metrics of the results that are worth understanding: Probabilit...

    Jul 16, 2013 02:03PM EDT
  • bufferSpan - Practical Usage

    Hidden in the "Advanced settings" area of the Real-Time search configuration page, the bufferSpan setting is d...

    Feb 28, 2014 11:20AM EST

Contact Us

  • Post a Public Question
  • Email Us
  • @prelertsupport on Twitter
    Or call us @ 888.prelert (Toll: +1 508 309 4445)

support@prelert.com