Implementing Splunk : a comprehensive guide to help you transform big data into valuable business insights with Splunk 6.2
If you are a data analyst with basic knowledge of Big Data analysis but no knowledge of Splunk, then this book will help you get started with Splunk. The book assumes that you have access to a copy of Splunk, ideally not in production, and many examples also assume you have administrator rights.
Classification: | Electronic Book |
---|---|
Main authors: | , |
Format: | Electronic eBook |
Language: | English |
Published: | Birmingham, UK : Packt Publishing, 2015. |
Edition: | Second edition. |
Series: | Professional expertise distilled. |
Subjects: | |
Online access: | Full text |
Table of Contents:
- Cover; Copyright; Credits; About the Authors; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: The Splunk Interface; Logging into Splunk; The home app; The top bar; The search & reporting app; Data generator; The summary view; Search; Actions; Timeline; The field picker; Fields; Search results; Options; The events viewer; Using the time picker; Using the field picker; The settings section; Summary; Chapter 2: Understanding Search; Using search terms effectively; Boolean and grouping operators; Clicking to modify your search; Event segmentation; Field widgets; Time.
- Using fields to search; Using the field picker; Using wildcards efficiently; Supplementing wildcards in fields; All about time; How Splunk parses time; How Splunk stores time; How Splunk displays time; How time zones are determined and why it matters; Different ways to search against time; Presets; Relative; Real-time; Date range; Date and time range; Advanced; Specifying time in-line in your search; _indextime versus _time; Making searches faster; Sharing results with others; The URL; Save as report; Save as dashboard panel; Save as alert; Save as event type; Search job settings.
- Saving searches for reuse; Creating alerts from searches; Enable actions; Action options; Sharing; Summary; Chapter 3: Tables, Charts, and Fields; About the pipe symbol; Using top to show common field values; Controlling the output of top; Using stats to aggregate values; Using chart to turn data; Using timechart to show values over time; The timechart options; Working with fields; A regular expression primer; Commands that create fields; eval; rex; Extracting loglevel; Using the extract fields interface; Using rex to prototype a field; Using the admin interface to build a field.
- Indexed fields versus extracted fields; Summary; Chapter 4: Data Models and Pivots; What is a data model?; What does a data model search?; Data model objects; Object constraining; Attributes; Creating a data model; Filling in the new data model dialog; Editing attributes; Lookup attributes; Children; What is a pivot?; The pivot editor; Working with pivot elements; Filtering your pivots; Split (row or column); Column values; Pivot table formatting; A quick example; Sparklines; Summary; Chapter 5: Simple XML Dashboards; The purpose of dashboards; Using wizards to build dashboards.
- Adding another panel; A cool trick; Converting the panel to a report; More options; Back to the dashboard; Add input; Edit source; Editing XML directly; UI examples app; Building forms; Creating a form from a dashboard; Driving multiple panels from one form; Post-processing search results; Post-processing limitations; Features replaced; Autorun dashboard; Scheduling the generation of dashboards; Summary; Chapter 6: Advanced Search Examples; Using subsearches to find loosely related events; Subsearch; Subsearch caveats; Nested subsearches; Using transaction.