Implementing Splunk big data reporting and development for operational intelligence ...
Learn to effectively use, configure, deploy and extend Splunk and implement its powerful capabilities
| Main Author: | |
|---|---|
| Format: | eBook |
| Language: | English |
| Published: |
Birmingham
Packt Pub.
2013
|
| Series: | Community experience distilled
|
| Subjects: | |
| Online Access: | |
| Collection: | O'Reilly - Collection details see MPG.ReNa |
Table of Contents:
- Timechart optionsWorking with fields; A regular expression primer; Commands that create fields; eval; rex; Extracting loglevel; Using the Extract Fields interface; Using rex to prototype a field; Using the admin interface to build a field; Indexed fields versus extracted fields; Indexed field case 1
- rare instances of a common term; Indexed field case 2
- splitting words; Indexed field case 3
- application from source; Indexed field case 4
- slow requests; Indexed field case 5
- unneeded work; Summary; 4. Simple XML Dashboards; The purpose of dashboards; Using wizards to build dashboards
- How Splunk parses timeHow Splunk stores time; How Splunk displays time; How time zones are determined and why it matters; Different ways to search against time; Specifying time in-line in your search; _indextime versus _time; Making searches faster; Sharing results with others; Saving searches for reuse; Creating alerts from searches; Schedule; Actions; Summary; 3. Tables, Charts, and Fields; About the pipe symbol; Using top to show common field values; Controlling the output of top; Using stats to aggregate values; Using chart to turn data; Using timechart to show values over time
- The Home appThe top bar; Search app; Data generator; The Summary view; Search; Actions; Timeline; The field picker; Fields; Search results; Options; Events viewer; Using the time picker; Using the field picker; Using Manager; Summary; 2. Understanding Search; Using search terms effectively; Boolean and grouping operators; Clicking to modify your search; Event segmentation; Field widgets; Time; Using fields to search; Using the field picker; Using wildcards efficiently; Only trailing wildcards are efficient; Wildcards are tested last; Supplementing wildcards in fields; All about time
- Table of Contents; Implementing Splunk: Big Data Reporting and Development for Operational Intelligence; Implementing Splunk: Big Data Reporting and Development for Operational Intelligence; Credits; About the Author; About the Reviewers; www.PacktPub.com; Support files, eBooks, discount offers and more; Why Subscribe?; Free Access for Packt account holders; Preface; What this book covers; What you need for this book; Who this book is for; Conventions; Reader feedback; Customer support; Downloading the example code; Errata; Piracy; Questions; 1. The Splunk Interface; Logging in to Splunk
- Scheduling the generation of dashboardsEditing the XML directly; UI Examples app; Building forms; Creating a form from a dashboard; Driving multiple panels from one form; Post-processing search results; Post-processing limitations; Panel 1; Panel 2; Panel 3; Final XML; Summary; 5. Advanced Search Examples; Using subsearches to find loosely related events; Subsearch; Subsearch caveats; Nested subsearches; Using transaction; Using transaction to determine the session length; Calculating the aggregate of transaction statistics; Combining subsearches with transaction; Determining concurrency