
How Splunk Leveraged Skyline Algorithms to Supercharge Anomaly Detection

Splunk Anomify Skyline Case Study

Since 2015, Skyline has quietly powered anomaly detection at scale for some of the world’s most demanding data environments. Developed by Earthgecko, the engineering alias of anomaly detection expert Gary Wilson, Skyline pioneered a new model for continuously monitoring metrics in real time at scale. With a modular architecture, native Redis/Graphite/Prometheus integrations, and battle-tested algorithms, Skyline has evolved from a niche open-source project into a foundation for enterprise-grade detection.

One of the most compelling validations for Skyline came from an unexpected but elite source: Splunk.

The Splunk Challenge

Splunk, a global leader in observability and security, handles immense volumes of machine data across cloud-native and hybrid environments. Despite its robust analytics suite, a consistent customer pain point lay in fine-tuning real-time anomaly detection. They needed an engine that could scale with noisy, multidimensional telemetry, self-tune over time, and do so with minimal false positives.

Splunk’s team turned to Earthgecko Skyline, incorporating its algorithms to deliver a significantly better F1 score than running Splunk’s own algorithms independently. F1 is essential in evaluating how well models are performing, and an improving F1 indicates how good an algorithm is at minimising both false positives and false negatives.

What Splunk did with Skyline required huge engineering effort, but that doesn’t have to be your story.

With Anomify.ai, we’ve done the hard work for you.

Enter Anomify: Enterprise Anomaly Detection Without the R&D Overhead

Anomify is the managed, production-grade evolution of Skyline, built by the same team behind Skyline. We’ve retained the algorithmic depth and open-ended flexibility of Skyline, but layered on:

  • A clean web-based UI for exploring metric anomalies in real-time
  • Multi-source support out of the box: Prometheus, Graphite, Grafana and more
  • Supervised learning for reducing false positives and alert fatigue
  • Integrations with Slack, PagerDuty, Teams and more
  • Full API access for embedding anomaly detection directly into your pipeline

What took Splunk months to integrate and fine-tune internally, you can deploy in minutes.

We’ve also included pre-built dashboards, correlation, seasonality, root cause analysis, and real-time notifications, making Anomify far more than just a Skyline wrapper: it’s a productivity multiplier.

Final Word

When one of the world’s largest data platforms chooses your algorithms to improve their anomaly detection stack, you know you’ve built something robust. With Anomify.ai you get access to the same proven technology that’s helped Splunk sharpen its performance, without the overhead of wrangling open-source code.

Anomify lets you focus on insight, not infrastructure.

Ready to deploy anomaly detection like Splunk without the R&D lab?