Chapter 2. Diving into Data – Search and Report
In this chapter, we will cover the basic ways to search data in Splunk. We will cover the following recipes:
- Making raw event data readable
- Finding the most accessed web pages
- Finding the most used web browsers
- Identifying the top-referring websites
- Charting web page response codes
- Displaying web page response time statistics
- Listing the top-viewed products
- Charting the application's functional performance
- Charting the application's memory usage
- Counting the total number of database connections
Introduction
In the previous chapter, we learned about the various ways to get data into Splunk. In this chapter, we will dive right into the data and get our hands dirty.
The ability to search machine data is one of Splunk's core functions, and it should come as no surprise that many other features and functions of Splunk are heavily driven-off searches. Everything from basic reports and dashboards to data models and fully featured...