Effectively using technology platforms like Splunk is not easy.

Before with Modularity

Imagine an average IT professional trying to set up security alerts for their network using such a system. This person has to go through a lengthy process:

  1. Create a saved search, test it, and run it multiple times.
    • Decide which node to run the saved search on.
  2. Determine if the search can overload system capacity.
  3. Configure the saved search to run at regular intervals.
  4. Create a custom extension (Splunk app) for this capability
  5. Upload the new Splunk app to the production system.
  6. Cross their fingers and hope everything went smoothly.
  7. Make adjustments to the setup over time.

With NLP/ LLMs

Language Model Interfaces (LLMs), convert human speech into system language.

This innovation brings new possibilities:

  • Users interact naturally with LLMs, requesting actions.
  • LLMs can use the platform’s API to construct custom components.
  • LLMs become the reusable packages that platforms can provide.

An NLP (Natural Language Processing) system can swiftly launch custom components, breaking down complex commands like “create an alert for network intruder detection” into a set of generative actions:

  1. Retrieve user metadata for source type heuristics.
    1. Prompt users to set up data ingestion and metadata if needed, with assistance from another LLM.
  2. Build a saved search.
    1. Confirm search correctness with the user.
  3. Configure the search to run regularly.
    1. Determine the appropriate node based on search complexity.
    2. Suggest additional capacity if needed.
  4. Bundle the search and configuration securely.
  5. Apply the bundle to the platform.

Steps 1.1, 2.1, and 3.2 enhance the user experience, while the remaining steps are managed behind the scenes by the LLM via platform APIs.

This benefits even power users, allowing them to rely on LLMs for scaffolding while focusing on fine-tuning the search. The system remains useful, as power users can leverage their domain expertise without becoming platform experts.

What’s Next for this Innovation?

Are LLMs replacing humans? To some extent, yes. LLMs enhance human productivity, benefiting both platform users and API developers. This aligns with the “no code” trend.

Platform developers can simplify API development for LLMs, making them more LLM-friendly, and thereby, more productive.

Will a Single Dominant LLM emerge?

It’s likely that we’ll see multiple specialized LLMs. Initially, each platform may offer its specialized LLM. In the medium term, specialized LLM vendors might emerge, allowing customers to use their preferred LLM with various platforms. Eventually, platform vendors may even acquire LLM vendors for security and independence, necessitating cross-platform compatibility.

Other Platform Examples

While we discussed Observability as an example, various platforms are integral to modern organizations, including HR systems, E-Commerce, ERP, online search, accounting, tax, shipping, and logistics systems.

Advice for Platform Vendors

Platform vendors should prioritize robust platform APIs and ensure they are LLM-friendly. This means reevaluating constraints like REST/JSON APIs (designed for human interaction) to unlock new levels of productivity.