Preface - Splunk Essentials (2015)

Splunk Essentials (2015)

Preface

Splunk Enterprise Software, or Splunk, is an extremely powerful tool for searching, exploring, and visualizing data of all types. Splunk is becoming increasingly popular, as more and more businesses, both large and small, discover its ease and usefulness. Analysts, managers, students, and others can quickly learn how to use the data from their systems, networks, web traffic, and social media to make attractive and informative reports.

This is a straightforward, practical, and quick introduction to Splunk that should have you making reports and gaining insights from your data in no time. Throughout the book, we have provided step-by-step instructions, pointers, and illustrations to help you on your way.

What this book covers

Chapter 1, Introducing Splunk, introduces you to Splunk Enterprise Software and its powerful capabilities.

Chapter 2, An Introduction to Indexing and Searching, explains indexing in Splunk and shows you how to do a simple search.

Chapter 3, More on Using Search, further develops your skills in using Splunk's search command.

Chapter 4, Reports in Splunk, shows you how to create reports and dashboards.

Chapter 5, Splunk Applications, explores the wide variety of Splunk apps and add-ons.

Chapter 6, Using the Twitter App, illustrates how to use the Twitter app for analyzing live Twitter data streams.

Chapter 7, Monitoring and Creating Alerts in Splunk, instructs you on how to monitor systems and create useful alerts that can help control processes and prevent problems.

What you need for this book

Most personal computers today can run Splunk easily. For more technical details, see http://docs.splunk.com/Documentation/Splunk/6.1.5/Installation/Chooseyourplatform.

Who this book is for

Splunk Essentials is intended for the businessperson, analyst, or student who wants to quickly learn how to use Splunk to manage data. Perhaps you have heard about this technology that is being used quite often now in fields like systems analysis, cyber security, and machine data management. In a matter of hours, this book will help you understand how to bring in data of all types, store it, and use it to create effective reports and dashboards. It would be helpful to have a bit of familiarity with basic computer concepts, but no prior experience is required.

Conventions

In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning:

Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "We can include other contexts through the use of the include directive."

A block of code is set as follows:

sourcetype=access* | timechart count(eval(action="purchase")) by categoryId usenull=f

Any command-line input or output is written as follows:

buttercupgames | timechart count by itemId limit=10

New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or in dialog boxes, appear in the text like this: "Under List by tag name, click on Add new."

Note

Warnings or important notes appear in a box like this.

Tip

Tips and tricks appear like this.