You're reading from Data Analytics Using Splunk 9.x A practical guide to implementing Splunk's features for performing data analysis at scale

Product type Paperback

Published in Jan 2023

Publisher Packt

ISBN-13 9781803249414

Length 336 pages

Edition 1st Edition

Tools

Splunk

Concepts

Data Analysis

Author (1):

Dr. Nadine Shillingford

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1: Getting Started with Splunk

2. Chapter 1: Introduction to Splunk and its Core Components FREE CHAPTER

3. Chapter 2: Setting Up the Splunk Environment

4. Chapter 3: Onboarding and Normalizing Data

5. Part 2: Visualizing Data with Splunk

6. Chapter 4: Introduction to SPL

7. Chapter 5: Reporting Commands, Lookups, and Macros

8. Chapter 6: Creating Tables and Charts Using SPL

9. Chapter 7: Creating Dynamic Dashboards

10. Part 3: Advanced Topics in Splunk

11. Chapter 8: Licensing, Indexing, and Buckets

12. Chapter 9: Clustering and Advanced Administration

13. Chapter 10: Data Models, Acceleration, and Other Ways to Improve Performance

14. Chapter 11: Multisite Splunk Deployments and Federated Search

15. Chapter 12: Container Management

16. Index

Why subscribe?

17. Other Books You May Enjoy

Conventions used

There are a number of text conventions used throughout this book.

Code in text: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: “Find the [general] stanza and replace the serverName value with forwarder1.”

A block of code is set as follows:

index=botsv1 earliest=0
index=botsv1 sourcetype=iis http_referer=*
index=botsv1 earliest=0 sourcetype=suricata
| eval bytes=bytes_in+bytes_out
index=botsv1 earliest=0 sourcetype=iis referer_domain=*
| table _time, cs_Referer, referer_domain
index=botsv1 earliest=0 sourcetype="WinEventLog:Security"
| stats count by Account_Name

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

index=botsv1 earliest=0 sourcetype=iis c_ip="23.22.63.114" OR c_ip="52.23.25.56"
| <transforming commands>
| search...

Any command-line input or output is written as follows:

/opt/splunk/bin/splunk set servername indexer
/opt/splunk/bin/splunk set default-hostname indexer
/opt/splunk/bin/splunk restart

Bold: Indicates a new term, an important word, or words that you see onscreen. For instance, words in menus or dialog boxes appear in bold. Here is an example: “Click on the orange Confirm Changes button to continue.”

Tips or important notes

Appear like this.

The rest of the chapter is locked

You're reading from Data Analytics Using Splunk 9.x A practical guide to implementing Splunk's features for performing data analysis at scale

Table of Contents (18) Chapters

Conventions used

Authors (1)

Personalised recommendations for you

You're reading from Data Analytics Using Splunk 9.x A practical guide to implementing Splunk's features for performing data analysis at scale

Table of Contents (18) Chapters

Conventions used

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you