Mastering Splunk

Optimize your machine-generated data effectively by developing advanced analytics with Splunk

James D. Miller

Book Details

ISBN 13: 9781782173830
Paperback: 344 pages

Book Description

Splunk is the definitive technology solution used to manage the ever-growing volumes of machine-generated data. This technology is indispensable for industries involved in big data analysis, online services, education, finance, healthcare, retail, and telecommunications. So, having Splunk experience will be relevant for a long time to come!

This book will first take you through the evolution of Splunk and how it fits into an organization's architectural roadmap. Master advanced search topics and explore in-depth methods to leverage Splunk tables, charts, fields, and other cases. As we advance through the chapters, you will master the best practices of values and lookups, indexes, business effective dashboards, and discover the cornerstones of how to evolve your current Splunk application and its monitoring capabilities. Finally, we round things off with the discussion of transactions from an enterprise perspective.

You'll now be able to apply and integrate advanced techniques of Splunk to optimize your data and meet your strategic organizational demands.

Table of Contents

Chapter 1: The Application of Splunk
The definition of Splunk
Universal file handling
Confidentiality and security
Conventional use cases
Splunk – outside the box
Splunk in action
Summary
Chapter 2: Advanced Searching
Searching in Splunk
Knowledge management
Subsearching
Searching with parameters
Splunk macros
Search results
Summary
Chapter 3: Mastering Tables, Charts, and Fields
Tables, charts, and fields
Splunk bucketing
Drilldowns
Pivot
Split
Column values
Pivot table formatting
A quick example
Sparklines
Summary
Chapter 4: Lookups
Introduction
Configuring a simple field lookup
Command roundup
Summary
Chapter 5: Progressive Dashboards
Creating effective dashboards
Form searching
Going back to dashboards
More on searching
Dynamic drilldowns
Real-world, real-time solutions
Summary
Chapter 6: Indexes and Indexing
The importance of indexing
What is a Splunk index?
Indexes, indexers, and clusters
Managing Splunk indexes
Dealing with multiple indexes
Deleting your indexes and indexed data
Configuring indexes
Moving your index database
Spreading out your Splunk index
Size matters
Hitting the limits
Summary
Chapter 7: Evolving your Apps
Basic applications
BYO or build your own apps
App FAQs
The end-to-end customization of Splunk
Preparation for app development
Summary
Chapter 8: Monitoring and Alerting
What to monitor
Advanced monitoring
Location, location, location
Leveraging your forwarders
Can I use apps?
Windows inputs in Splunk
Getting started with monitoring
What does Splunk do with the data it monitors?
Splunk
Viewing the Splunk Deployment Monitor app
All about alerts
Editing alerts
Scheduled or real time
Extended functionalities
Summary
Chapter 9: Transactional Splunk
Transactions and transaction types
Transaction search
Advanced use of transactions
Summary
Chapter 10: Splunk – Meet the Enterprise
General concepts
Best practices
Definition of Splunk knowledge
Strategic knowledge management
Splunk object management with knowledge management
Naming conventions for documentation
Testing
Retrofitting
The enterprise vision
Summary

What You Will Learn

  • Get started in the most efficient way, become proficient, and ultimately master Splunk
  • Master the techniques to create advanced-level Splunk search strings
  • Easily leverage advanced tables, charts, and fields to organize your data
  • Understand Splunk lookups and how they relate to enterprise development
  • Build practical dashboards with your data
  • Acquire master-level understanding of Splunk indexes and indexing
  • Build your own Splunk apps and learn why they are important
  • Compare Splunk's abilities with other monitoring tools in terms of monitoring data and alerts
  • Understand what Splunk transactions are and how to use them to optimize your corporate data
