Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Splunk Operational Intelligence Cookbook Over 80 recipes for transforming your data into business-critical insights using Splunk

Product type Paperback

Published in May 2018

Publisher

ISBN-13 9781788835237

Length 541 pages

Edition 3rd Edition

Languages

JavaScript

Tools

Splunk

Concepts

Operational Intelligence

Authors (4):

Yogesh Raheja

Josh Diakun

Derek Mock

Paul R. Johnson

View More author details

Table of Contents (12) Chapters

Preface

1. Play Time – Getting Data In

2. Diving into Data – Search and Report FREE CHAPTER

3. Dashboards and Visualizations - Make Data Shine

4. Building an Operational Intelligence Application

5. Extending Intelligence – Datasets, Modeling and Pivoting

6. Diving Deeper – Advanced Searching, Machine Learning and Predictive Analytics

7. Enriching Data – Lookups and Workflows

8. Being Proactive – Creating Alerts

9. Speeding Up Intelligence – Data Summarization

10. Above and Beyond – Customization, Web Framework, HTTP Event Collector, REST API, and SDKs

11. Other Books You May Enjoy

Leave a review - let other readers know what you think

Introduction

In many of the previous chapters, we leveraged Splunk's Search Processing Language (SPL) quite a bit to build searches, reports, and dashboards. In this chapter, we will learn about datasets and will focus on leveraging Splunk's Data Model and Pivot functionality. We will demonstrate how datasets can be leveraged by less technical users to easily build reports, charts, and dashboards.

A dataset in Splunk is best described as a collection of user-defined data that can be leveraged for a specific purpose. Datasets can be viewed and managed from the Datasets Listing page, available from the default menu bar in any Splunk application. There are currently three types of dataset in Splunk:

Lookup Datasets
Table Datasets
Data Model Datasets

These three types of dataset can be visualized using Splunk's Pivot tool and allow users to create dynamic reports...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (4)

Raheja

Yogesh Raheja - - DevOps, Automation and Cloud Coach and Consultant Yogesh Raheja is a certified DevOps and cloud expert with a decade of IT experience. He has expertise in technologies such as OS, source code management, build & release tools, continuous integration/deployment/delivery tools, containers, configuration management tools, monitoring, logging tools, and public/private clouds. He loves to share his technical expertise with audience worldwide at various forums, conferences, webinars, blogs, and LinkedIn. He has written books on IT automation named "Effective DevOps with AWS", "Automation with Puppet 5" and "Automation with Ansible" which has been published by "John & Wiley" and "Packt Publisher". He has also reviewed some of the DevOps books for multiple Publishers.

See other products by Raheja

Derek Mock

Derek Mock is a software developer and big data architect who specializes in IT operations, information security, and cloud technologies. He has 15 years' experience developing and operating large enterprise-grade deployments and SaaS applications. He is a founding partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. For the past 6 years, he has been leveraging Splunk as the core tool to deliver key operational intelligence. Derek is based in Toronto, Canada, and is a co-founder of the Splunk Toronto User Group.

See other products by Derek Mock

Josh Diakun

Josh Diakun is an IT operations and security specialist with a focus on creating data-driven operational processes. He has over 10 years of experience managing and architecting enterprise-grade IT environments. For the past 7 years, he has been architecting, deploying and developing on Splunk as the core platform for organizations to gain security and operational intelligence. Josh is a founding partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. He is also a co-founder of the Splunk Toronto User Group.

See other products by Josh Diakun

Paul R. Johnson

Paul R Johnson has over 10 years of data intelligence experience in the areas of information security, operations, and compliance. He is a partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. Paul previously worked for a Fortune 10 company, leading IT risk intelligence initiatives and managing a global Splunk deployment. Paul co-founded the Splunk Toronto User Group and lives and works in Toronto, Canada.

See other products by Paul R. Johnson