You're reading from Data Analytics Using Splunk 9.x A practical guide to implementing Splunk's features for performing data analysis at scale

Product type Paperback

Published in Jan 2023

Publisher Packt

ISBN-13 9781803249414

Length 336 pages

Edition 1st Edition

Tools

Splunk

Concepts

Data Analysis

Author (1):

Dr. Nadine Shillingford

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1: Getting Started with Splunk

2. Chapter 1: Introduction to Splunk and its Core Components FREE CHAPTER

3. Chapter 2: Setting Up the Splunk Environment

4. Chapter 3: Onboarding and Normalizing Data

5. Part 2: Visualizing Data with Splunk

6. Chapter 4: Introduction to SPL

7. Chapter 5: Reporting Commands, Lookups, and Macros

8. Chapter 6: Creating Tables and Charts Using SPL

9. Chapter 7: Creating Dynamic Dashboards

10. Part 3: Advanced Topics in Splunk

11. Chapter 8: Licensing, Indexing, and Buckets

12. Chapter 9: Clustering and Advanced Administration

13. Chapter 10: Data Models, Acceleration, and Other Ways to Improve Performance

14. Chapter 11: Multisite Splunk Deployments and Federated Search

15. Chapter 12: Container Management

16. Index

Why subscribe?

17. Other Books You May Enjoy

Summary

We focused on writing Splunk queries in this chapter. Before looking at the queries, we explored the Splunk search interface in the Search and Reporting app. We looked at seven different parts of the search interface, including the search bar, interesting fields, and time picker. We wrote simple filters using key/value conditions, including specifying the index and sourcetype in the index=botsv1 sourcetype=iis query. We also learned how we can increase the complexity of our queries using the pipe symbol. We then used this knowledge to get more out of our searches by using the pipe symbol and introducing commands such as eval, fields, regex, and rex. The eval command can be used with a variety of Splunk functions, including round() and lower(), which work on numerical and string values, respectively. Commands such as rex can be used to extract values from Splunk events using regular expressions.

We will explore more advanced reporting commands in Chapter 5, Reporting Commands...

The rest of the chapter is locked

You're reading from Data Analytics Using Splunk 9.x A practical guide to implementing Splunk's features for performing data analysis at scale

Table of Contents (18) Chapters

Summary

Authors (1)

Personalised recommendations for you

You're reading from Data Analytics Using Splunk 9.x A practical guide to implementing Splunk's features for performing data analysis at scale

Table of Contents (18) Chapters

Summary

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you