Frequently Asked Questions

Cedrix is an AI platform that connects to your Splunk infrastructure and enables facility managers to make production, maintenance, energy, and quality decisions using natural language — no SPL knowledge required. Users ask questions directly and the platform responds instantly. Splunk + Cedrix are deployed as a single bundle; no other infrastructure is needed.

An industrial AI platform is software that analyzes factory and facility data using artificial intelligence. Cedrix reads sensor data from Splunk; the user asks a question ("Which engines are underperforming?"), the platform automatically generates and executes an SPL query, and delivers the result via real-time streaming. With Splunk Hosted AI, data never leaves the network.

Cedrix and Splunk are deployed together as a single package — no other infrastructure is needed. PostgreSQL can be added as an optional additional data source (via MCP protocol). Without Splunk, Cedrix's core AI analysis features do not function.

Yes. Cedrix is built with privacy-by-design principles for GDPR and KVKK.

On-Board AI option: Data never leaves the Splunk cluster — | ai runs inside Splunk.

External AI providers: The hybrid data masking engine clears IP addresses, MAC addresses, emails, UUIDs, credentials, and custom regex patterns before any API call — processing is in-memory, nothing is written to disk.

Additional security: AES-256 encrypted local storage, bcrypt password hashing, HWID-bound offline licensing, audit log to cedrix_audit Splunk index (supports PCI-DSS/NERC CIP/HIPAA data-handling requirements).

Splunk Hosted AI works via Splunk's | ai SPL command. Cedrix applies a unique 2-step pipeline:

Step 1: Run bare SPL → fetch actual row data
Step 2: Format rows as key=value → embed in the | ai prompt parameter

The model runs inside the Splunk cluster; raw sensor data never leaves, Cedrix receives only the AI text result.

Supported models: Foundation-Sec-1.1-8B-Instruct (cybersecurity), OpenAI GPT-OSS 20B (general, default), OpenAI GPT-OSS 120B (high capacity).
Requirement: Splunk AI Toolkit 5.7+ (cloud: 5.7+, on-prem: 5.7.3+)

Cedrix supports the following providers:

• On-Board AI: Splunk Hosted AI (Foundation-Sec-1.1-8B, GPT-OSS 20B/120B) — zero egress
• Cloud AI: Anthropic Claude (Sonnet/Opus/Haiku), OpenAI GPT-4o, Google Gemini, NVIDIA NIM
• Local AI: Ollama (localhost, no internet required, air-gap support)

All providers are managed through the same adapter interface; changing providers does not affect existing conversation history.

Pilot installation ~30 minutes.

Requirements:
• Splunk Enterprise 10.x+ or Splunk Cloud
• Splunk AI Toolkit 5.7+ (for On-Board AI; cloud: 5.7+, on-prem: 5.7.3+)
• Splunk MCP Server (for Splunk connectivity)
• Windows 10/11 (Cedrix desktop application)
• Node.js 18.x+ (for source installation)

Steps: (1) Install AITK → (2) Run Cedrix-Setup-2.12.0.exe → (3) Set admin password → (4) Test MCP connection → (5) Create first SPL template → (6) Run first analysis

License options: Standard (1, 2, 3, or 12 months — 15-day grace period) and Trial (1 month). HWID-bound offline activation, no internet required.

For pricing and demo requests: info@cedrix.io

Yes. Cedrix operates without internet in three modes:

• On-Board AI: Splunk Hosted AI + AITK — everything runs inside Splunk
• Local AI: Ollama on localhost — fully isolated on the factory network
• Licensing: HMAC-SHA256 validation works offline

Features that work offline: customer management, template library, scheduled tasks (local), chat history.

No. Cedrix automatically detects a Splunk MCP Server installation and routes all queries through HTTPS-based MCP. Port 8089 does not need to be open — this resolves the Splunk Cloud firewall limitation.

Tool routing: splunk_search → splunk_run_query (MCP), splunk_get_indexes → splunk_get_indexes (MCP). Built-in REST tools are automatically disabled when MCP is active.