Preface
I started working with Splunk in late 2013 when I joined the security team of a healthcare company. They were getting ready to migrate from a home-grown Security Information and Event Management (SIEM) system to Splunk. As part of the preparation, we did the Splunk Knowledge Manager, Admin, and Enterprise Security courses. They were very interesting, and I looked forward to working with the tool. Fast forward 9 years, and I have used Splunk on multiple contracts. The use cases have spanned security, healthcare, retail, and education. I have incorporated Splunk into the courses that I teach. I became a member of SplunkTrust. So when the publishers approached me with the proposal to write a book on Splunk, I accepted.
This book is an introduction to Splunk. I will guide you through the main components of Splunk. You will learn about indexes, indexing, and indexers. You will learn about search heads and clusters. You will get an introduction to the Splunk Search Processing Language (SPL) using logs and use cases from the BOTS dataset. Are you ready?