E-book
Implementing Splunk : big data reporting and development for operational intelligence ... / Vincent Bumgarner.
Learn to effectively use, configure, deploy and extend Splunk and implement its powerful capabilities.
Record details
- ISBN: 9781849693295
- ISBN: 1849693293
- Physical Description: 1 online resource (908 pages)
- Publisher: Birmingham : Packt Pub., 2013.
Content descriptions
| Formatted Contents Note: | Table of Contents; Implementing Splunk: Big Data Reporting and Development for Operational Intelligence; Implementing Splunk: Big Data Reporting and Development for Operational Intelligence; Credits; About the Author; About the Reviewers; www.PacktPub.com; Support files, eBooks, discount offers and more; Why Subscribe?; Free Access for Packt account holders; Preface; What this book covers; What you need for this book; Who this book is for; Conventions; Reader feedback; Customer support; Downloading the example code; Errata; Piracy; Questions; 1. The Splunk Interface; Logging in to Splunk. The Home appThe top bar; Search app; Data generator; The Summary view; Search; Actions; Timeline; The field picker; Fields; Search results; Options; Events viewer; Using the time picker; Using the field picker; Using Manager; Summary; 2. Understanding Search; Using search terms effectively; Boolean and grouping operators; Clicking to modify your search; Event segmentation; Field widgets; Time; Using fields to search; Using the field picker; Using wildcards efficiently; Only trailing wildcards are efficient; Wildcards are tested last; Supplementing wildcards in fields; All about time. How Splunk parses timeHow Splunk stores time; How Splunk displays time; How time zones are determined and why it matters; Different ways to search against time; Specifying time in-line in your search; _indextime versus _time; Making searches faster; Sharing results with others; Saving searches for reuse; Creating alerts from searches; Schedule; Actions; Summary; 3. Tables, Charts, and Fields; About the pipe symbol; Using top to show common field values; Controlling the output of top; Using stats to aggregate values; Using chart to turn data; Using timechart to show values over time. Timechart optionsWorking with fields; A regular expression primer; Commands that create fields; eval; rex; Extracting loglevel; Using the Extract Fields interface; Using rex to prototype a field; Using the admin interface to build a field; Indexed fields versus extracted fields; Indexed field case 1 -- rare instances of a common term; Indexed field case 2 -- splitting words; Indexed field case 3 -- application from source; Indexed field case 4 -- slow requests; Indexed field case 5 -- unneeded work; Summary; 4. Simple XML Dashboards; The purpose of dashboards; Using wizards to build dashboards. Scheduling the generation of dashboardsEditing the XML directly; UI Examples app; Building forms; Creating a form from a dashboard; Driving multiple panels from one form; Post-processing search results; Post-processing limitations; Panel 1; Panel 2; Panel 3; Final XML; Summary; 5. Advanced Search Examples; Using subsearches to find loosely related events; Subsearch; Subsearch caveats; Nested subsearches; Using transaction; Using transaction to determine the session length; Calculating the aggregate of transaction statistics; Combining subsearches with transaction; Determining concurrency. |
| Source of Description Note: | Print version record. |
Search for related items by subject
| Genre: | Electronic books. Electronic books. |
