Data
Reader small image

You're reading from  Splunk 7.x Quick Start Guide

Product typeBook
Published inNov 2018
PublisherPackt
ISBN-139781789531091
Edition1st Edition
Tools
Splunk
Concepts
Operational Intelligence
Right arrow
Author (1)
James H. Baxter
James H. Baxter
author image
James H. Baxter

James H Baxter is the owner/CEO of Machine Data Insights, Inc., a certified Splunk architect, and a developer and machine learning practitioner with over 35 years of experience in various engineering and analysis disciplines, including radio/satellite; networks; capacity and performance modelling; speech technology; packet-level analysis; programming; and Splunk architecture, administration, and machine learning solutions for companies including MCI, IBM, BP, Disney, and AMEX. James is also a private pilot and holds an Extra class amateur radio and FCC Radiotelephone license. You can reach him at LinkedIn at James H. Baxter.
Read more about James H. Baxter

Right arrow

Architecting Splunk

If you have just started learning Splunk, it is unlikely that you would be expected to architect and implement a complex Splunk solution, especially for a larger enterprise. Typically, such projects are advisedly executed with the assistance of experienced architects from Splunk professional services, a Splunk partner consultancy, or your own in-house architects. However, you may be championing an introductory Splunk sandbox or solution at your company, or joining an existing team and need to come up to speed quickly—in which case, this overview should be helpful.

The topics that will be covered in this chapter include the following:

  • Collecting the data needed for choosing an appropriate Splunk configuration
  • Understanding the different types of Splunk environments
  • Understanding replication and search factors
  • Introduction to indexing buckets
  • Considerations...

Selecting a Splunk configuration

At a high level, the type and size of the Splunk solution you build will depend mostly on two factors:

  • The volume of data you will be indexing each day
  • The peak number of concurrent searches that will be running

The volume of data indexed will be the average daily total of all the inputs from your various data sources—server logs, network and security devices, and so on. The number of concurrent searches includes both ad hoc searches from users, and the number of scheduled saved searches that will be running periodically to populate reports, dashboards, and alerts. To determine these factors you will need to collect some data from your user communities and do some fairly straightforward calculations.

Data collection – data inputs

...

Selecting Splunk hardware options

If you plan to implement and support your Splunk infrastructure internally (versus leveraging Splunk Cloud, wherein Splunk provides and manages the needed infrastructure for you), you will be building your solution on your own hardware platforms (physical or virtual servers), or on cloud-based instances (AWS, Azure, Google Cloud, and so on). For non-cloud environments, your organization will likely have a preferred hardware vendor that provides support options, so you will be selecting servers within the needed range of CPU, memory, and disk storage options from your vendor's offerings; cloud providers similarly offer a variety of sizing options.

Performance considerations

Splunk provides...

Summary

Whew! We've accomplished a lot of difficult work in this chapter—collecting data from our user groups, selecting the best Splunk configuration to build, learning enough about replication and search factors, indexing buckets, and search head clusters to inform our design decisions, and finally, selecting our hardware options and calculating how much disk space we'll need and how many indexers will be needed to support out expected data ingestion volumes.

After you take a short break, we'll get started installing and configuring our Splunk Enterprise deployment. Don't be long!

lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 3 of 12
Next Chapter
You have been reading a chapter from
Splunk 7.x Quick Start Guide
Published in: Nov 2018Publisher: PacktISBN-13: 9781789531091
© 2018 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Author (1)

author image
James H. Baxter

James H Baxter is the owner/CEO of Machine Data Insights, Inc., a certified Splunk architect, and a developer and machine learning practitioner with over 35 years of experience in various engineering and analysis disciplines, including radio/satellite; networks; capacity and performance modelling; speech technology; packet-level analysis; programming; and Splunk architecture, administration, and machine learning solutions for companies including MCI, IBM, BP, Disney, and AMEX. James is also a private pilot and holds an Extra class amateur radio and FCC Radiotelephone license. You can reach him at LinkedIn at James H. Baxter.
Read more about James H. Baxter

Other recommended products

Related to this chapter

Splunk 7 Essentials

Splunk 7 Essentials

This book will uncover the new features in Splunk 7 along with the best practices. You will learn to build navigable search operations, perform intuitive statistical analysis and design visually appealing dashboards for your IT infrastructure. With practical scenarios, you'll be able to design cohesive Splunk apps and deploy it to Splunk cloud.

BookMar 2018220 pages
Mastering Splunk 8

Mastering Splunk 8

This book will cover Splunk's offerings to efficiently capture, index, and correlate data from a searchable repository all in real-time to generate insightful graphs, reports, dashboards, and alerts. Developers and architects alike can be in high demand if they become experts with this tool.

BookDec 2020456 pages
Splunk Operational Intelligence Cookbook

Splunk Operational Intelligence Cookbook

This book demonstrates the power of Splunk 7.x to offer you quick solutions and strategies to bring efficient operational intelligence in your organization. Implement a wide range of tasks in recipe format to perform operations on machine data. Learn to achieve intelligent data-driven way using machine learning capabilities to explore complex data.

BookMay 2018541 pages
Implementing Splunk 7

Implementing Splunk 7

This book will help you implement Splunk 7's new services and will show you how to utilize them to quickly and efficiently process machine-generated big data. You will explore Splunk Cloud and the Machine Learning Toolkit and use them with ease throughout your organization. By the end of the book, you will have learned to implement these services in your tasks at work.

BookMar 2018576 pages

Personalised recommendations for you

Based on your interests and search pattern

Et al.

Et al.

Ever wonder why speech recognition systems don't understand the Scottish accent, or what would happen if an astronaut only ate mac 'n' cheese, or other spurious reflections you'd have at a bar? We did, then collated those deliberations into absurd research articles with fake figures and methodologies inspired by even more fictionally absurd studies.

BookAug 2023230 pages5
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages4
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages5
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages1
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages5
Mastering Tableau 2023

Mastering Tableau 2023

This book is a comprehensive resource to mastering your Tableau skills and becoming a BI expert. As you progress, you will learn how to build advanced dashboards and improve your storytelling to derive key business insight, as well as make you well-versed with advanced functionalities of Tableau in the business intelligence domain.

BookAug 2023684 pages
Building AI Applications with ChatGPT APIs

Building AI Applications with ChatGPT APIs

This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.

BookSep 2023258 pages5
Building AI Applications with ChatGPT APIs

Building AI Applications with ChatGPT APIs

This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.

BookSep 2023258 pages2
Data Engineering with AWS

Data Engineering with AWS

Embark on a journey to master data engineering pipelines on AWS! Our book offers a hands-on experience of AWS services for ingesting, transforming, and consuming data. Whether you're an absolute beginner or someone with basic data engineering experience, this guide is an indispensable resource.

BookOct 2023636 pages5
Modern Data Architecture on AWS

Modern Data Architecture on AWS

Every organization wants an agile, performant, and cost-effective data platform that meets all their current and future business needs. Purpose-built AWS analytics services and their features play a big part in building such a modern data platform. This book brings to you all the design and architectural patterns that’ll help you achieve this goal.

BookAug 2023420 pages5
Practical Guide to Applied Conformal Prediction in Python

Practical Guide to Applied Conformal Prediction in Python

Discover the power of Conformal Prediction with the "Practical Guide to Applied Conformal Prediction in Python." Master the latest techniques to quantify uncertainty in machine learning and computer vision models, and seamlessly apply them to your industry applications.

BookDec 2023240 pages
TinyML Cookbook

TinyML Cookbook

With over 70 project-based recipes, the TinyML Cookbook is a practical guide that will help you to get the most out of your microcontrollers. It provides a comprehensive understanding of the theoretical foundations while giving you hands-on experience training ML models for deployment on Arduino Nano 33 BLE Sense, Raspberry Pi Pico, and SparkFun RedBoard Artemis Nano microcontrollers.

BookNov 2023664 pages