Mastering Splunk

Summary

An environment to learn in

Obtaining the Splunk software

Professional services

User conferences blogs and news groups

The "How-to" tutorials

The Splexicon

The support portal

Splunkbase

Splunk answers

www.splunk.com

The Splunk documentation

Certifications

Where and how to learn Splunk

Topics

Appendix A. Quick Start

Summary

The enterprise vision

Retrofitting

Testing

Naming conventions for documentation

Splunk object management with knowledge management

Strategic knowledge management

Definition of Splunk knowledge

Best practices

General concepts

Chapter 10. Splunk – Meet the Enterprise

Summary

Advanced use of transactions

Transaction search

Transactions and transaction types

Chapter 9. Transactional Splunk

Summary

Extended functionalities

Scheduled or real time

Editing alerts

All about alerts

Viewing the Splunk Deployment Monitor app

Splunk

What does Splunk do with the data it monitors?

Getting started with monitoring

Windows inputs in Splunk

Can I use apps?

Leveraging your forwarders

Location location location

Advanced monitoring

What to monitor

Chapter 8. Monitoring and Alerting

Summary

Preparation for app development

The end-to-end customization of Splunk

App FAQs

BYO or build your own apps

Basic applications

Chapter 7. Evolving your Apps

Summary

Hitting the limits

Size matters

Spreading out your Splunk index

Moving your index database

Configuring indexes

Deleting your indexes and indexed data

Dealing with multiple indexes

Managing Splunk indexes

Indexes indexers and clusters

What is a Splunk index?

The importance of indexing

Chapter 6. Indexes and Indexing

Summary

Real-world real-time solutions

Dynamic drilldowns

More on searching

Going back to dashboards

Form searching

Creating effective dashboards

Chapter 5. Progressive Dashboards

Summary

Command roundup

Configuring a simple field lookup

Introduction

Chapter 4. Lookups

Summary

Sparklines

A quick example

Pivot table formatting

Column values

Split

Pivot

Drilldowns

Splunk bucketing

Tables charts and fields

Chapter 3. Mastering Tables Charts and Fields

Summary

Search results

Splunk macros

Searching with parameters

Subsearching

Knowledge management

Searching in Splunk

Chapter 2. Advanced Searching

Summary

Splunk in action

Splunk – outside the box

Conventional use cases

Confidentiality and security

Universal file handling

The definition of Splunk

Chapter 1. The Application of Splunk

Customer support

Reader feedback

Conventions

Who this book is for

What you need for this book

What this book covers

Preface

Support files eBooks discount offers and more

www.PacktPub.com

About the Reviewers

About the Author

Credits

版权页

封面

封面

版权页

Credits

About the Author

About the Reviewers

www.PacktPub.com

Support files eBooks discount offers and more

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Chapter 1. The Application of Splunk

The definition of Splunk

Universal file handling

Confidentiality and security

Conventional use cases

Splunk – outside the box

Splunk in action

Summary

Chapter 2. Advanced Searching

Searching in Splunk

Knowledge management

Subsearching

Searching with parameters

Splunk macros

Search results

Summary

Chapter 3. Mastering Tables Charts and Fields

Tables charts and fields

Splunk bucketing

Drilldowns

Pivot

Split

Column values

Pivot table formatting

A quick example

Sparklines

Summary

Chapter 4. Lookups

Introduction

Configuring a simple field lookup

Command roundup

Summary

Chapter 5. Progressive Dashboards

Creating effective dashboards

Form searching

Going back to dashboards

More on searching

Dynamic drilldowns

Real-world real-time solutions

Summary

Chapter 6. Indexes and Indexing

The importance of indexing

What is a Splunk index?

Indexes indexers and clusters

Managing Splunk indexes

Dealing with multiple indexes

Deleting your indexes and indexed data

Configuring indexes

Moving your index database

Spreading out your Splunk index

Size matters

Hitting the limits

Summary

Chapter 7. Evolving your Apps

Basic applications

BYO or build your own apps

App FAQs

The end-to-end customization of Splunk

Preparation for app development

Summary

Chapter 8. Monitoring and Alerting

What to monitor

Advanced monitoring

Location location location

Leveraging your forwarders

Can I use apps?

Windows inputs in Splunk

Getting started with monitoring

What does Splunk do with the data it monitors?

Splunk

Viewing the Splunk Deployment Monitor app

All about alerts

Editing alerts

Scheduled or real time

Extended functionalities

Summary

Chapter 9. Transactional Splunk

Transactions and transaction types

Transaction search

Advanced use of transactions

Summary

Chapter 10. Splunk – Meet the Enterprise

General concepts

Best practices

Definition of Splunk knowledge

Strategic knowledge management

Splunk object management with knowledge management

Naming conventions for documentation

Testing

Retrofitting

The enterprise vision

Summary

Appendix A. Quick Start

Topics

Where and how to learn Splunk

Certifications

The Splunk documentation

www.splunk.com

Splunk answers

Splunkbase

The support portal

The Splexicon

The "How-to" tutorials

User conferences blogs and news groups

Professional services

Obtaining the Splunk software

An environment to learn in

Summary