Splunk Operational Intelligence Cookbook - Second Edition

Over 70 practical recipes to gain operational data intelligence with Splunk Enterprise

Splunk Operational Intelligence Cookbook - Second Edition

This ebook is included in a Mapt subscription
Josh Diakun, Paul R Johnson, Derek Mock

1 customer reviews
Over 70 practical recipes to gain operational data intelligence with Splunk Enterprise
$10.00
$54.99
RRP $43.99
RRP $54.99
eBook
Print + eBook
Access every Packt eBook & Video for just $100
 
  • 4,000+ eBooks & Videos
  • 40+ New titles a month
  • 1 Free eBook/Video to keep every month
Find Out More
 
Preview in Mapt

Book Details

ISBN 139781785284991
Paperback436 pages

Book Description

Splunk makes it easy for you to take control of your data, and with Splunk Operational Cookbook, you can be confident that you are taking advantage of the Big Data revolution and driving your business with the cutting edge of operational intelligence and business analytics.

With more than 70 recipes that demonstrate all of Splunk’s features, not only will you find quick solutions to common problems, but you’ll also learn a wide range of strategies and uncover new ideas that will make you rethink what operational intelligence means to you and your organization.

You’ll discover recipes on data processing, searching and reporting, dashboards, and visualizations to make data shareable, communicable, and most importantly meaningful. You’ll also find step-by-step demonstrations that walk you through building an operational intelligence application containing vital features essential to understanding data and to help you successfully integrate a data-driven way of thinking in your organization.

Throughout the book, you’ll dive deeper into Splunk, explore data models and pivots to extend your intelligence capabilities, and perform advanced searching to explore your data in even more sophisticated ways. Splunk is changing the business landscape, so make sure you’re taking advantage of it.

Table of Contents

Chapter 1: Play Time – Getting Data In
Introduction
Indexing files and directories
Getting data through network ports
Using scripted inputs
Using modular inputs
Using the Universal Forwarder to gather data
Loading the sample data for this book
Defining field extractions
Defining event types and tags
Chapter 2: Diving into Data – Search and Report
Introduction
Making raw event data readable
Finding the most accessed web pages
Finding the most used web browsers
Identifying the top-referring websites
Charting web page response codes
Displaying web page response time statistics
Listing the top viewed products
Charting the application's functional performance
Charting the application's memory usage
Counting the total number of database connections
Chapter 3: Dashboards and Visualizations – Making Data Shine
Introduction
Creating an Operational Intelligence dashboard
Using a pie chart to show the most accessed web pages
Displaying the unique number of visitors
Using a gauge to display the number of errors
Charting the number of method requests by type and host
Creating a timechart of method requests, views, and response times
Using a scatter chart to identify discrete requests by size and response time
Creating an area chart of the application's functional statistics
Using a bar chart to show the average amount spent by category
Creating a line chart of item views and purchases over time
Chapter 4: Building an Operational Intelligence Application
Introduction
Creating an Operational Intelligence application
Adding dashboards and reports
Organizing the dashboards more efficiently
Dynamically drilling down on activity reports
Creating a form for searching web activity
Linking web page activity reports to the form
Displaying a geographical map of visitors
Scheduling PDF delivery of a dashboard
Chapter 5: Extending Intelligence – Data Models and Pivoting
Introduction
Creating a data model for web access logs
Creating a data model for application logs
Accelerating data models
Pivoting total sales transactions
Pivoting purchases by geographic location
Pivoting slowest responding web pages
Pivot charting top error codes
Chapter 6: Diving Deeper – Advanced Searching
Introduction
Calculating the average session time on a website
Calculating the average execution time for multi-tier web requests
Displaying the maximum concurrent checkouts
Analyzing the relationship of web requests
Predicting website traffic volumes
Finding abnormally-sized web requests
Identifying potential session spoofing
Chapter 7: Enriching Data – Lookups and Workflows
Introduction
Looking up product code descriptions
Flagging suspect IP addresses
Creating a session state table
Adding hostnames to IP addresses
Searching ARIN for a given IP address
Triggering a Google search for a given error
Creating a ticket for application errors
Looking up inventory from an external database
Chapter 8: Being Proactive – Creating Alerts
Introduction
Alerting on abnormal web page response times
Alerting on errors during checkout in real time
Alerting on abnormal user behavior
Alerting on failure and triggering a scripted response
Alerting when predicted sales exceed inventory
Chapter 9: Speeding Up Intelligence – Data Summarization
Introduction
Calculating an hourly count of sessions versus completed transactions
Backfilling the number of purchases by city
Displaying the maximum number of concurrent sessions over time
Chapter 10: Above and Beyond – Customization, Web Framework, REST API, HTTP Event Collector, and SDKs
Introduction
Customizing the application navigation
Adding a force-directed graph of web hits
Adding a calendar heatmap of product purchases
Adding cell highlighting of average product price
Remotely querying Splunk's REST API for unique page views
Creating a Python application to return unique IP addresses
Creating a custom search command to format product names
Collecting data from remote scanning devices

What You Will Learn

  • Use Splunk to gather, analyze, and report on data
  • Create dashboards and visualizations that make data meaningful
  • Build an operational intelligence application with extensive features and functionality
  • Enrich operational data with lookups and workflows
  • Model and accelerate data and perform pivot-based reporting
  • Build real-time, scripted, and other intelligence-driven alerts
  • Summarize data for longer term trending, reporting, and analysis
  • Integrate advanced JavaScript charts and leverage Splunk's API

Authors

Table of Contents

Chapter 1: Play Time – Getting Data In
Introduction
Indexing files and directories
Getting data through network ports
Using scripted inputs
Using modular inputs
Using the Universal Forwarder to gather data
Loading the sample data for this book
Defining field extractions
Defining event types and tags
Chapter 2: Diving into Data – Search and Report
Introduction
Making raw event data readable
Finding the most accessed web pages
Finding the most used web browsers
Identifying the top-referring websites
Charting web page response codes
Displaying web page response time statistics
Listing the top viewed products
Charting the application's functional performance
Charting the application's memory usage
Counting the total number of database connections
Chapter 3: Dashboards and Visualizations – Making Data Shine
Introduction
Creating an Operational Intelligence dashboard
Using a pie chart to show the most accessed web pages
Displaying the unique number of visitors
Using a gauge to display the number of errors
Charting the number of method requests by type and host
Creating a timechart of method requests, views, and response times
Using a scatter chart to identify discrete requests by size and response time
Creating an area chart of the application's functional statistics
Using a bar chart to show the average amount spent by category
Creating a line chart of item views and purchases over time
Chapter 4: Building an Operational Intelligence Application
Introduction
Creating an Operational Intelligence application
Adding dashboards and reports
Organizing the dashboards more efficiently
Dynamically drilling down on activity reports
Creating a form for searching web activity
Linking web page activity reports to the form
Displaying a geographical map of visitors
Scheduling PDF delivery of a dashboard
Chapter 5: Extending Intelligence – Data Models and Pivoting
Introduction
Creating a data model for web access logs
Creating a data model for application logs
Accelerating data models
Pivoting total sales transactions
Pivoting purchases by geographic location
Pivoting slowest responding web pages
Pivot charting top error codes
Chapter 6: Diving Deeper – Advanced Searching
Introduction
Calculating the average session time on a website
Calculating the average execution time for multi-tier web requests
Displaying the maximum concurrent checkouts
Analyzing the relationship of web requests
Predicting website traffic volumes
Finding abnormally-sized web requests
Identifying potential session spoofing
Chapter 7: Enriching Data – Lookups and Workflows
Introduction
Looking up product code descriptions
Flagging suspect IP addresses
Creating a session state table
Adding hostnames to IP addresses
Searching ARIN for a given IP address
Triggering a Google search for a given error
Creating a ticket for application errors
Looking up inventory from an external database
Chapter 8: Being Proactive – Creating Alerts
Introduction
Alerting on abnormal web page response times
Alerting on errors during checkout in real time
Alerting on abnormal user behavior
Alerting on failure and triggering a scripted response
Alerting when predicted sales exceed inventory
Chapter 9: Speeding Up Intelligence – Data Summarization
Introduction
Calculating an hourly count of sessions versus completed transactions
Backfilling the number of purchases by city
Displaying the maximum number of concurrent sessions over time
Chapter 10: Above and Beyond – Customization, Web Framework, REST API, HTTP Event Collector, and SDKs
Introduction
Customizing the application navigation
Adding a force-directed graph of web hits
Adding a calendar heatmap of product purchases
Adding cell highlighting of average product price
Remotely querying Splunk's REST API for unique page views
Creating a Python application to return unique IP addresses
Creating a custom search command to format product names
Collecting data from remote scanning devices

Book Details

ISBN 139781785284991
Paperback436 pages
Read More
From 1 reviews

Read More Reviews