How It Works
Three-step flow — Connect to Splunk, define your agent, run and learn
How It Works
Deslicer AI runs in three steps: connect your Splunk, define your agent, and run. Each step is straightforward and designed to get you productive quickly.
Navigation
- Parent: Overview
- Related: What is Deslicer? | Why Deslicer
Step 1: Connect to Splunk
You securely link your Splunk environment to Deslicer. Supported setups include on-prem, Splunk Cloud, and hybrid. Connection uses the REST API and MCP, with zero data leaving your perimeter unless you explicitly configure it.
What happens: You provide connection details (endpoint, credentials, or token). Deslicer validates the connection and establishes the MCP link. Your Splunk becomes the source of truth for indexes, sourcetypes, fields, and configs.
What you see: A confirmed connection status and visibility into the resources Deslicer can access. You control what is exposed and how.
Step 2: Define Your Agent
You pick from purpose-built templates or customize your own. Each agent does one thing exceptionally well — SPL generation, alert tuning, dashboard design, or another focused task. You choose the scope and behavior.
What happens: You select or configure an agent type. Deslicer loads the appropriate capabilities and connects them to your Splunk context via MCP. The agent knows its role and your environment.
What you see: A configured agent ready to run. You can adjust templates, add constraints, or define custom workflows before the first run.
Step 3: Run and Learn
You run the agent. Every action is explained. Every suggestion is justified. Your team sees the reasoning and learns while the agent works.
What happens: The agent inspects your Splunk via MCP, diagnoses the situation, and produces suggestions. You review, approve, or edit. Nothing deploys without your explicit approval. Audit logs capture every step.
What you see: Clear explanations, traceable reasoning, and actionable output. Most teams run their first agent within 30 minutes and see value immediately.
The Loop
Connect once. Define agents as needed. Run repeatedly. Each run improves your understanding and your Splunk practice. Deslicer is built for that loop — connect, define, run, learn.
