Splunk app "AI Workbench" - The Dutch Data Difference

Unlock the Full Power of Splunk with AI Workbench

In today’s fast-paced data environments, speed is the ultimate competitive advantage. AI Workbench is designed to transform the way you interact with data by bridging the gap between human intent and technical execution.

A Guided Journey from Question to Splunk Object Users don’t have to face a blank prompt. The AI Workbench experience starts with Templates—pre-tuned workflows for tasks ranging from “Building a SPL search” to “Smart Forecasting”. By answering a few scenario-specific questions, users guide the assistant to produce production-quality results in seconds.

Overview of AI Workbench

The Four Pillars of Intelligence The workbench architecture is built on four distinct layers that provide unprecedented control and quality:

Templates (The Recipes): Define what to do for specific use cases.
Tools (The Hands): The AI uses these to list indexes, run probe searches, and create objects under your existing Splunk ACLs.
Skills (The Spelregels): Centrally managed rules that enforce quality across all templates. When you update a “Skill,” like a standard for dashboard color semantics, every template referencing it is updated instantly.
Knowledge (The Library): The assistant can consult federated knowledge sources like ESCU Analytic Stories to provide evidence-backed verdicts during investigations.

AI Toolkit (MLTK) Automation One of the most powerful features is the end-to-end automation of the Splunk AI Toolkit. Normally, building an outlier detector requires algorithm selection, model training, and threshold tuning. With AI Workbench, the assistant inspects your data distribution and seasonality, picks the right algorithm (like DensityFunction), trains a globally shared model, and builds a diagnostic dashboard with actual-vs-predicted bands to prove the model works.

Corporate-Grade Multi-Tenancy & Governance AI Workbench is designed for large enterprises and Managed Service Providers (MSPs). It resolves Org and BU assignments automatically, meaning one Splunk environment can serve multiple teams or customers with complete isolation.

Tokens & Costs: Admins get a full breakdown of LLM spend by app, user, model, or BU, with real per-model pricing.
Governance: Admins can enable or disable specific tools per tenant, ensuring that a junior team cannot accidentally trigger destructive commands or high-cost operations.

Security and Privacy Without Compromise Your privacy is paramount. AI Workbench respects your existing Splunk permissions—if a user can’t see an index, the AI can’t either. We support Bring Your Own LLM, giving you the flexibility to use high-performance cloud models or local, air-gapped models for sensitive data. A built-in security confirmation prompt also ensures that users are always aware when data is sent to a provider.

Get Senior Splunker Results in Seconds AI Workbench acts as a senior Splunk admin sitting next to every user. It picks efficient commands, avoids performance traps, and adheres to best practices—allowing your team to focus on the “what” while the Workbench handles the “how”.