Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Improving Your Splunk Skills Leverage the operational intelligence capabilities of Splunk to unlock new hidden business insights

Product type Course

Published in Aug 2019

Publisher Packt

ISBN-13 9781838981747

Length 680 pages

Edition 1st Edition

Languages

JavaScript

Tools

Splunk

Concepts

Business Intelligence

Authors (4):

James D. Miller

Josh Diakun

Paul R. Johnson

Derek Mock

View More author details

Table of Contents (21) Chapters

Title Page

Improving Your Splunk Skills

About Packt

Contributors

Preface

1. The Splunk Interface FREE CHAPTER

2. Understanding Search

3. Tables, Charts, and Fields

4. Data Models and Pivots

5. Simple XML Dashboards

6. Extending Search

7. Working with Apps

8. Building Advanced Dashboards

9. Summary Indexes and CSV Files

10. Configuring Splunk

11. Play Time – Getting Data In

12. Building an Operational Intelligence Application

13. Diving Deeper – Advanced Searching, Machine Learning and Predictive Analytics

14. Speeding Up Intelligence – Data Summarization

15. Above and Beyond – Customization, Web Framework, HTTP Event Collector, REST API, and SDKs

1. Other Books You May Enjoy

Leave a review - let other readers know what you think

App directory structure

If you do much beyond building searches and dashboards, sooner or later you will need to edit files in the filesystem directly. All apps live in $SPLUNK_HOME/etc/apps/. On UNIX systems, the default installation directory is /opt/splunk. On Windows, the default installation directory is C:\Program Files\Splunk.

This is the value that $SPLUNK_HOME will inherit on startup.

Stepping through the most common directories, we have:

appserver: This directory contains files that are served by the Splunk web app. The files that we uploaded in earlier sections of this chapter are stored in appserver/static.
bin: This is where command scripts belong. These scripts are then referenced in commands.conf. This is also a common location for scripted inputs to live, though they can live anywhere, although best practice it to keep all scripts contained in the bin folder.
default...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (4)

James D. Miller

James D. Miller is an IBM certified expert, Master Consultant, Application/System Architect with +35 years of applications & system design/development experience across multiple platforms, technologies and data formats, including Big Data. His experience includes IBM Planning Analytics, BI, Web architecture & design, systems analysis, GUI design & testing, Data modeling, design, and development of OLAP, Client/Server, Web & Mainframe applications and systems utilizing: Planning Analytics Workspace (PAW), IBM Watson Analytics, Cognos BI & TM1, Framework Manager, dynaSight/ArcPlan, ASP, DHTML, XML, MS Visual Basic, VBA, PERL, R, SPLUNK, MS SQL Server, ORACLE, etc. He has authored numerous books, including Implementing Splunk - Second Edition; Mastering Splunk; Hands-On Machine Learning with IBM Watson; IBM Watson Projects; Statistics for Data Science; Mastering Predictive Analytics with R - Second Edition and others. Project areas include those with Data Analytics, Planning Analytics, and FOPM projects, holding various roles from architect, developer, technical and project leader.

See other products by James D. Miller

Derek Mock

Derek Mock is a software developer and big data architect who specializes in IT operations, information security, and cloud technologies. He has 15 years' experience developing and operating large enterprise-grade deployments and SaaS applications. He is a founding partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. For the past 6 years, he has been leveraging Splunk as the core tool to deliver key operational intelligence. Derek is based in Toronto, Canada, and is a co-founder of the Splunk Toronto User Group.

See other products by Derek Mock

Josh Diakun

Josh Diakun is an IT operations and security specialist with a focus on creating data-driven operational processes. He has over 10 years of experience managing and architecting enterprise-grade IT environments. For the past 7 years, he has been architecting, deploying and developing on Splunk as the core platform for organizations to gain security and operational intelligence. Josh is a founding partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. He is also a co-founder of the Splunk Toronto User Group.

See other products by Josh Diakun

Paul R. Johnson

Paul R Johnson has over 10 years of data intelligence experience in the areas of information security, operations, and compliance. He is a partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. Paul previously worked for a Fortune 10 company, leading IT risk intelligence initiatives and managing a global Splunk deployment. Paul co-founded the Splunk Toronto User Group and lives and works in Toronto, Canada.

See other products by Paul R. Johnson