Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Splunk 7 Essentials, Third Edition Demystify machine data by leveraging datasets, building reports, and sharing powerful insights

Product type Paperback

Published in Mar 2018

Publisher Packt

ISBN-13 9781788839112

Length 220 pages

Edition 3rd Edition

Languages

C++

Tools

Splunk

Concepts

Operational Intelligence

Authors (4):

Erickson Delgado

Steven Koelpin

J-P Contreras

Betsy Page Sigman

View More author details

Table of Contents (10) Chapters

Preface

1. Splunk – Getting Started

2. Bringing in Data FREE CHAPTER

3. Search Processing Language

4. Reporting, Alerts, and Search Optimization

5. Dynamic Dashboarding

6. Data Models and Pivot

7. HTTP Event Collector

8. Best Practices and Advanced Queries

9. Taking Splunk to the Organization

Creating and scheduling reports

In this chapter, you have learned three very important things: classifying raw events using Event Types, classifying data using Tags, and enriching data using Lookups. These, in addition to good SPL, constitute essential elements you need to use Splunk in an efficient manner.

Splunk reports are saved searches which can be shared to others or used as a dashboard panel. Reports can be scheduled periodically and perform an action upon completion, such as sending an email with the report results.

Reports can be configured to display search results in a statistical table, as well as visualization charts. A report is created using the search command line or through a Pivot. Here we will create a report using the search command line:

In the Destinations app's search page, run the following search:

SPL> eventtype=bad_logins | top client_ip

The...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at R$50/month. Cancel anytime

Authors (4)

J-P Contreras

J-P Contreras, a Splunk-certified administrator and sales engineer, has delivered value-oriented data analytics and performance planning solutions for 20+ years. He has built award-winning consulting teams to help companies turn data into analytical insights. He helps companies implement Splunk and enjoys everything the Splunk community offers. He received his MBA in e-commerce from DePaul University's Kellstadt Graduate School of Business, Chicago, in 2001. He trains in DePaul's Continuing Education Program and is a member of DePaul's Driehaus School of Business Advisory Board. He'd like to thank his family, especially his wife and children, and close friends for making life so enjoyable.

See other products by J-P Contreras

Steven Koelpin

See other products by Steven Koelpin

Erickson Delgado

Erickson Delgado is an enterprise architect who loves to mine and analyze data. He began using Splunk in version 4.0 and has pioneered its use into his current work. He has worked with start-up companies in the Philippines to help build their open source infrastructure. He has developed applications with Python and node.js and is interested in Go and recovering programming with C/C++. In the recent years, he engaged himself in employing DevOps in his work. He blows off steam by saltwater fishing, mountain biking, crafting robots, and touring the country. He lives in Orlando.

See other products by Erickson Delgado

Betsy Page Sigman

Betsy Page Sigman is a distinguished professor at the McDonough School of Business at Georgetown University in Washington, D.C. She has taught courses in statistics, project management, databases, and electronic commerce for the last 16 years, and has been recognized with awards for teaching and service. She has also worked at George Mason University in the past. Her recent publications include a Harvard Business case study and a Harvard Business review article. Additionally, she is a frequent media commentator on technological issues and big data.

See other products by Betsy Page Sigman