You're reading from Data Analytics Using Splunk 9.x A practical guide to implementing Splunk's features for performing data analysis at scale

Product type Paperback

Published in Jan 2023

Publisher Packt

ISBN-13 9781803249414

Length 336 pages

Edition 1st Edition

Tools

Splunk

Concepts

Data Analysis

Author (1):

Dr. Nadine Shillingford

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1: Getting Started with Splunk

2. Chapter 1: Introduction to Splunk and its Core Components FREE CHAPTER

3. Chapter 2: Setting Up the Splunk Environment

4. Chapter 3: Onboarding and Normalizing Data

5. Part 2: Visualizing Data with Splunk

6. Chapter 4: Introduction to SPL

7. Chapter 5: Reporting Commands, Lookups, and Macros

8. Chapter 6: Creating Tables and Charts Using SPL

9. Chapter 7: Creating Dynamic Dashboards

10. Part 3: Advanced Topics in Splunk

11. Chapter 8: Licensing, Indexing, and Buckets

12. Chapter 9: Clustering and Advanced Administration

13. Chapter 10: Data Models, Acceleration, and Other Ways to Improve Performance

14. Chapter 11: Multisite Splunk Deployments and Federated Search

15. Chapter 12: Container Management

16. Index

Why subscribe?

17. Other Books You May Enjoy

Improving performance

In this section, we will look at several best practices that can help improve our Splunk experience. We will explore useful backend and search time practices, including efficient search syntax, setting limits, and other interesting methods.

We can increase the efficiency of Splunk on the backend by implementing some simple configurations and practices:

Follow the memory and CPU recommendations from Splunk. Refer to the current Splunk documentation to ensure that your servers meet Splunk’s recommendations.
Ensure that the operating system supports the version of Splunk you plan to use. Universal forwarders work on a range of operating systems. However, the current Enterprise License only works on the latest Linux (x86 64- bit) kernel versions, Windows Server (2022, 2016, and 2019), and Windows 10 (x86 64-bit). Splunk also runs on AWS instances (as we saw in Chapter 2, Setting Up the Splunk Environment). Containerized solutions such as Docker...