The Home app
After logging in, the default app is Home. This app is a launching pad for apps and tutorials.
The Welcome tab provides two important shortcuts, Add data and Launch search app. These links appear again on the second tab, Splunk Home.
The Your Apps section shows the apps that have GUI elements on your instance of Splunk.
Note
App is an overloaded term in Splunk. An app doesn't necessarily have a GUI at all; it is simply a collection of configurations wrapped into a directory structure that means something to Splunk. We will discuss apps in a more detailed manner in Chapter 7, Working with Apps.
Under Do more with Splunk, we find:
Add data: This links to the Add Data to Splunk page. This interface is a great start for getting local data flowing into Splunk. The new Preview data interface takes an enormous amount of complexity out of configuring dates and line breaking. We won't go through those interfaces here, but we will go through the configuration files that these wizards produce in Chapter 10, Configuring Splunk.
Find more apps: This allows you to find and install more apps from Splunkbase. Splunkbase (http://splunk-base.splunk.com/) is a very useful community-driven resource where Splunk users and Splunk employees post questions, answers, code snippets, and apps.
Manage Splunk takes the user to the Manager section of Splunk. The Manager section is used to configure most aspects of Splunk. The options provided change depending on the capabilities of the user. We will use the Manager section throughout the book as we learn about different objects.
Getting started tutorial provides a quick but thorough overview of the major functionality of Splunk.
Splunk documentation takes you to the official Splunk documentation. The documentation, hosted at splunk.com, is truly vast.
Note
Two quick notes about the Splunk documentation:
To get to documentation for search and reporting commands, quick help is provided while searching, and a link to the documentation for that command is provided through the interface.
When working directly with configuration files, the fastest route to the documentation for that file is to search for splunk name.conf using your favorite search engine. The documentation is almost always the first link.
Splunk answers goes to the Splunkbase site we just mentioned. Splunkbase and Splunk Answers used to be different sites but were merged into one site.
