AI-Driven Alert Correlation with EventiQ in Splunk ITSI

Jul 24, 2025

In this video, we introduce EventiQ in Splunk ITSI, a powerful AI-driven solution designed to cut through the noise and help you find the root cause of issues faster.

We’ll show you how EventiQ automatically analyzes and groups related alerts into actionable episodes, significantly reducing alert volume. We’ll cover how to enable EventiQ for a Notable Event Aggregation Policy and then review the episodes it creates.

If you’re interested in learning more about ITSI, check out our interactive game, ITSI Academy, at https://splunkgames.com/.

TOC:

00:00 Introduction to EventiQ

01:32 Setting up a Notable Event Aggregation Policy with EventiQ enabled

02:51 Analyzing and previewing episode results

04:46 Reviewing episode results

07:00 The benefits of automated alert correlation

07:58 Conclusion