In the ever-evolving world of data science, keeping your tools and software up to date is essential. This ensures that you have access to the latest features, security updates and bug fixes. The team behind our data science app has been hard at work to bring you the most robust and secure version yet. In this article, we'll dive into what's new in the recently released Splunk App for Data Science and Deep Learning (DSDL) version 5.1.1 available on Splunkbase now.
One of the top priorities in software development is addressing bugs and enhancing security. In version 5.1.1, we've dedicated significant work to these areas to identify and rectify issues, resulting in a more stable and secure application. Since the release of Splunk Enterprise 9.1, DSDL has been showing a JavaScript error on its landing page. In some setup situations, users reported issues with the configuration not being accepted. The accessibility of certain functionalities in the app was better aligned with the roles of admins and users, and this alignment was added to the documentation.
A significant achievement in this release was the restructuring of the public GitHub repository, spearheaded by Josh Cowling. This new structure optimizes the build process of Docker container images, which many customers asked for. Certificates can be added more easily, and custom container images can be defined and built more quickly thanks to a few build scripts and a better structuring of the requirements that define which data science libraries are installed in the images. Several tools and libraries were updated to their latest versions, equipping the app with cutting-edge features and patches. These updates contribute significantly to the app's overall robustness and security. Read more details in a separate blog post from Josh.
To ensure that users can make the most of the app, we've updated our documentation. In particular, we have added a guide on how to set up DSDL with Amazon Web Services (AWS) Elastic Kubernetes Service (EKS). This step-by-step guide will be invaluable for users looking to harness the power of cloud computing for their data science projects in connection with their Splunk platform.
As DSDL sees more and more adoption, we also see more innovation and content being published around it. This is amazing to see, especially for cybersecurity use cases. Recently, Huaibo Zhao wrote about an LLM-based modeling approach to detect phishing emails. Read all the details in his blog post if you have email data and want to implement such a use case. Our colleagues from the Splunk Machine Learning for Security team (SMLS) have been publishing pre-trained deep learning models for specific security detections. They described all the details in their security machine learning blog posts and on research.splunk.com. We also worked on packaging all DSDL-related ESCU content into an image to make it easier to deploy and run with Splunk Enterprise Security. Read more details in another blog post soon! Last but not least, we talked about model-assisted threat hunting with cyber experts from SURGe in a recent webinar that highlights how you can use the DSDL app for more advanced AI-powered threat hunting and security research.
Happy Splunking,
Philipp
Thanks for the continuous support of my colleagues here at Splunk: Josh, Huaibo, Emma, Mina and the various teams from production security, threat research, SURGe and marketing.