Advanced Splunk

Master the art of getting the maximum out of your machine data using Splunk

Ashish Kumar Tulsiram Yadav

Book Details

ISBN 13: 9781785884351
Paperback: 348 pages

Book Description

Master the power of Splunk and learn the advanced strategies to get the most out of your machine data with this practical advanced guide. Make sense of the hidden data of your organization – the insight of your servers, devices, logs, traffic and clouds. Advanced Splunk shows you how.

Dive deep into Splunk to find the most efficient solution to your data problems. Create the robust Splunk solutions you need to make informed decisions in big data machine analytics. From visualizations to enterprise integration, this well-organized, high-level guide has everything you need for Splunk mastery.

Start with a complete overview of all the new features and advantages of the latest version of Splunk and the Splunk Environment. Go hands-on with uploading data, search commands for basic and advanced analytics, advanced visualization techniques, and dashboard customization. Discover how to tweak Splunk to your needs, and get a complete overview of Enterprise Integration of Splunk with various analytics and visualization tools. Finally, discover how to set up and use all the new features of the latest version of Splunk.

Table of Contents

Chapter 1: What's New in Splunk 6.3?
Splunk's architecture
Search parallelization
Data integrity control
Intelligent job scheduling
The app key-value store
Splunk Enterprise Security
Authentication using SAML
Summary
Chapter 2: Developing an Application on Splunk
Splunk apps and technology add-ons
Developing a Splunk app
Developing a Splunk add-on
Managing Splunk apps and add-ons
Splunk apps from the app store
Summary
Chapter 3: On-boarding Data in Splunk
Deep diving into various input methods and sources
Adding data to Splunk – new interfaces
Data processing
Managing event segmentation
Improving the data input process
Summary
Chapter 4: Data Analytics
Data and indexes
Search
Subsearch
Time
Fields
Results
Summary
Chapter 5: Advanced Data Analytics
Reports
Geography and location
Anomalies
Predicting and trending
Correlation
Machine learning
Summary
Chapter 6: Visualization
Prerequisites – configuration settings
Tables
Single value
Charts
Drilldown
Summary
Chapter 7: Advanced Visualization
Sunburst sequence
Geospatial visualization
Punchcard visualization
Calendar heatmap visualization
The Sankey diagram
Parallel coordinates
The force directed graph
Custom chart overlay
Custom decorations
Summary
Chapter 8: Dashboard Customization
Dashboard controls
Multi-search management
Tokens
Null search swapper
Switcher
Summary
Chapter 9: Advanced Dashboard Customization
Layout customization
Custom look and feel
The custom alert action
Summary
Chapter 10: Tweaking Splunk
Index replication
Indexer auto-discovery
Sourcetype manager
Field extractor
Search history
Event pattern detection
Data acceleration
Splunk buckets
Search optimizations
Splunk health
Summary
Chapter 11: Enterprise Integration with Splunk
The Splunk SDK
Installing the Splunk SDK
The Splunk SDK for Python
Splunk with R for analytics
Splunk with Tableau for visualization
Summary
Chapter 12: What Next? Splunk 6.4
Storage optimization
Machine learning
Management and admin
Indexer and search head enhancement
Visualizations
Multi-search management
Enhanced alert actions
Summary

What You Will Learn

  • Find out how to develop and manage apps in Splunk
  • Work with important search commands to perform data analytics on uploaded data
  • Create visualizations in Splunk
  • Explore tweaking Splunk
  • Integrate Splunk with any pre-existing application to perform data crunching efficiently and in real time
  • Make your big data speak with analytics and visualizations using Splunk
  • Use SDK and Enterprise integration with tools such as R and Tableau
