Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Splunk Operational Intelligence Cookbook Over 80 recipes for transforming your data into business-critical insights using Splunk

Product type Paperback

Published in May 2018

Publisher

ISBN-13 9781788835237

Length 541 pages

Edition 3rd Edition

Languages

JavaScript

Tools

Splunk

Concepts

Operational Intelligence

Authors (4):

Yogesh Raheja

Josh Diakun

Derek Mock

Paul R. Johnson

View More author details

Table of Contents (12) Chapters

Preface

1. Play Time – Getting Data In

2. Diving into Data – Search and Report FREE CHAPTER

3. Dashboards and Visualizations - Make Data Shine

4. Building an Operational Intelligence Application

5. Extending Intelligence – Datasets, Modeling and Pivoting

6. Diving Deeper – Advanced Searching, Machine Learning and Predictive Analytics

7. Enriching Data – Lookups and Workflows

8. Being Proactive – Creating Alerts

9. Speeding Up Intelligence – Data Summarization

10. Above and Beyond – Customization, Web Framework, HTTP Event Collector, REST API, and SDKs

11. Other Books You May Enjoy

Leave a review - let other readers know what you think

Introduction

In the previous chapter, we learned about Splunk's new data model and Pivot functionality, and how they can be used to further intelligence reporting. In this chapter, we will return to Splunk's SPL, diving deeper and making use of some very powerful search commands to facilitate a better understanding and correlation of event data. You will learn how to create transactions, build subsearches and understand concurrency, leverage field associations, leverage the Splunk Machine Learning Toolkit, and much more.

Looking at event counts, applying statistics to calculate averages, or finding the top values over time only provide a view of the data limited to one angle. Splunk's SPL contains some very powerful search commands that provide the ability to correlate data from different sources and understand or build relationships between the events. Through...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (4)

Raheja

Yogesh Raheja - - DevOps, Automation and Cloud Coach and Consultant Yogesh Raheja is a certified DevOps and cloud expert with a decade of IT experience. He has expertise in technologies such as OS, source code management, build & release tools, continuous integration/deployment/delivery tools, containers, configuration management tools, monitoring, logging tools, and public/private clouds. He loves to share his technical expertise with audience worldwide at various forums, conferences, webinars, blogs, and LinkedIn. He has written books on IT automation named "Effective DevOps with AWS", "Automation with Puppet 5" and "Automation with Ansible" which has been published by "John & Wiley" and "Packt Publisher". He has also reviewed some of the DevOps books for multiple Publishers.

See other products by Raheja

Derek Mock

Derek Mock is a software developer and big data architect who specializes in IT operations, information security, and cloud technologies. He has 15 years' experience developing and operating large enterprise-grade deployments and SaaS applications. He is a founding partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. For the past 6 years, he has been leveraging Splunk as the core tool to deliver key operational intelligence. Derek is based in Toronto, Canada, and is a co-founder of the Splunk Toronto User Group.

See other products by Derek Mock

Josh Diakun

Josh Diakun is an IT operations and security specialist with a focus on creating data-driven operational processes. He has over 10 years of experience managing and architecting enterprise-grade IT environments. For the past 7 years, he has been architecting, deploying and developing on Splunk as the core platform for organizations to gain security and operational intelligence. Josh is a founding partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. He is also a co-founder of the Splunk Toronto User Group.

See other products by Josh Diakun

Paul R. Johnson

Paul R Johnson has over 10 years of data intelligence experience in the areas of information security, operations, and compliance. He is a partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. Paul previously worked for a Fortune 10 company, leading IT risk intelligence initiatives and managing a global Splunk deployment. Paul co-founded the Splunk Toronto User Group and lives and works in Toronto, Canada.

See other products by Paul R. Johnson