Local AI Assistant for Splunk

OAI (Observalytics AI) integrates your local Ollama instance directly into Splunk, enabling AI-powered analysis without sending data to external services. The Problem: Security and operations teams want AI-driven insights but face compliance, privacy, and cost concerns with cloud-based AI APIs. Sending log data to external services introduces risk and may violate data governance policies. The Solution: OAI connects Splunk to your local Ollama server, keeping all inference on-premises. Your data never leaves your environment — no API keys, no cloud dependencies, no per-token costs. Key Benefits: - Privacy-first: All inference happens locally — your data never leaves your environment - Simple syntax: Just `| oai "your question"` — intuitive SPL integration - Index investigation: Automatically analyze any index for volume, EPS, log types, and anomalies - Event classification: Pipe events into OAI to have the model categorize and explain them - Fully configurable: Choose your model, endpoint, timeouts, and more via the setup page Perfect for security analysts, SOC teams, and anyone who wants to augment their Splunk workflows with AI-driven analysis while maintaining complete data sovereignty.