You're reading from Data Analytics Using Splunk 9.x A practical guide to implementing Splunk's features for performing data analysis at scale

Product type Paperback

Published in Jan 2023

Publisher Packt

ISBN-13 9781803249414

Length 336 pages

Edition 1st Edition

Tools

Splunk

Concepts

Data Analysis

Author (1):

Dr. Nadine Shillingford

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1: Getting Started with Splunk

2. Chapter 1: Introduction to Splunk and its Core Components FREE CHAPTER

3. Chapter 2: Setting Up the Splunk Environment

4. Chapter 3: Onboarding and Normalizing Data

5. Part 2: Visualizing Data with Splunk

6. Chapter 4: Introduction to SPL

7. Chapter 5: Reporting Commands, Lookups, and Macros

8. Chapter 6: Creating Tables and Charts Using SPL

9. Chapter 7: Creating Dynamic Dashboards

10. Part 3: Advanced Topics in Splunk

11. Chapter 8: Licensing, Indexing, and Buckets

12. Chapter 9: Clustering and Advanced Administration

13. Chapter 10: Data Models, Acceleration, and Other Ways to Improve Performance

14. Chapter 11: Multisite Splunk Deployments and Federated Search

15. Chapter 12: Container Management

16. Index

Why subscribe?

17. Other Books You May Enjoy

Onboarding and Normalizing Data

Splunk refers to the process of configuring new data sources as onboarding. Onboarding can be accomplished using the Splunk Graphical User Interface (GUI) (commonly known as Splunk Web) and Splunk Command Line Interface (CLI) commands, as well as by editing configuration files. The term normalizing data refers to the action of ensuring that the data is Splunk meets a Common Information Model (CIM). This is a very important step in using Splunk. In this chapter, we will explore the way data is onboarded and how we can extract fields. First, we will explore the way data is onboarded in the default inputs.conf file in the Splunk Add-on for Microsoft Windows. Then, we will use Splunk Web and configuration files to extract fields. Finally, we will explore event types and tags in the add-ons and apps that we installed in Chapter 2, Setting Up the Splunk Environment. We will create new event types and tags. We will also be executing simple Search Processing...