Chapter 1. Play Time – Getting Data In
In this chapter, we will cover the basic ways to get data into Splunk. You will learn about the following recipes:
- Indexing files and directories
- Getting data through network ports
- Using scripted inputs
- Using modular inputs
- Using the Universal Forwarder to gather data
- Loading the sample data for this book
- Defining field extractions
- Defining event types and tags
Introduction
The machine data that facilitates operational intelligence comes in many different forms and from many different sources. Splunk can collect and index this data from sources such as log files written by web servers or business applications, syslog data streaming in from network devices, and the output of custom-developed scripts. Even data that looks complex at first can be easily collected, indexed, transformed, and presented back to you in real time.
This chapter will walk you through the basic recipes that will act as the building blocks to get the data...