Implementing Splunk : big data reporting and development for operational intelligence ... /
Learn to effectively use, configure, deploy and extend Splunk and implement its powerful capabilities.
Classification: | Electronic Book |
---|---|
Main author: | |
Format: | Electronic eBook |
Language: | English |
Published: | Birmingham : Packt Pub., 2013. |
Series: | Community experience distilled. |
Subjects: | |
Online access: | Full text (Requires prior registration with institutional e-mail) |
Table of Contents:
- Table of Contents; Implementing Splunk: Big Data Reporting and Development for Operational Intelligence; Implementing Splunk: Big Data Reporting and Development for Operational Intelligence; Credits; About the Author; About the Reviewers; www.PacktPub.com; Support files, eBooks, discount offers and more; Why Subscribe?; Free Access for Packt account holders; Preface; What this book covers; What you need for this book; Who this book is for; Conventions; Reader feedback; Customer support; Downloading the example code; Errata; Piracy; Questions; 1. The Splunk Interface; Logging in to Splunk.
- The Home app; The top bar; Search app; Data generator; The Summary view; Search; Actions; Timeline; The field picker; Fields; Search results; Options; Events viewer; Using the time picker; Using the field picker; Using Manager; Summary; 2. Understanding Search; Using search terms effectively; Boolean and grouping operators; Clicking to modify your search; Event segmentation; Field widgets; Time; Using fields to search; Using the field picker; Using wildcards efficiently; Only trailing wildcards are efficient; Wildcards are tested last; Supplementing wildcards in fields; All about time.
- How Splunk parses time; How Splunk stores time; How Splunk displays time; How time zones are determined and why it matters; Different ways to search against time; Specifying time in-line in your search; _indextime versus _time; Making searches faster; Sharing results with others; Saving searches for reuse; Creating alerts from searches; Schedule; Actions; Summary; 3. Tables, Charts, and Fields; About the pipe symbol; Using top to show common field values; Controlling the output of top; Using stats to aggregate values; Using chart to turn data; Using timechart to show values over time.
- Timechart options; Working with fields; A regular expression primer; Commands that create fields; eval; rex; Extracting loglevel; Using the Extract Fields interface; Using rex to prototype a field; Using the admin interface to build a field; Indexed fields versus extracted fields; Indexed field case 1 - rare instances of a common term; Indexed field case 2 - splitting words; Indexed field case 3 - application from source; Indexed field case 4 - slow requests; Indexed field case 5 - unneeded work; Summary; 4. Simple XML Dashboards; The purpose of dashboards; Using wizards to build dashboards.
- Scheduling the generation of dashboards; Editing the XML directly; UI Examples app; Building forms; Creating a form from a dashboard; Driving multiple panels from one form; Post-processing search results; Post-processing limitations; Panel 1; Panel 2; Panel 3; Final XML; Summary; 5. Advanced Search Examples; Using subsearches to find loosely related events; Subsearch; Subsearch caveats; Nested subsearches; Using transaction; Using transaction to determine the session length; Calculating the aggregate of transaction statistics; Combining subsearches with transaction; Determining concurrency.