Book description
Transform machine-generated data into valuable business insights using the powers of Splunk
Key Features
- Explore the all-new machine learning toolkit in Splunk 7.x
- Tackle any problems related to searching and analyzing your data with Splunk
- Get the latest information and business insights on Splunk 7.x
Book Description
Splunk makes it easy for you to take control of your data and drive your business with the cutting edge of operational intelligence and business analytics. Through this Learning Path, you'll implement new services and utilize them to quickly and efficiently process machine-generated big data.
You'll begin with an introduction to the new features, improvements, and offerings of Splunk 7. You'll learn to efficiently use wildcards and modify your search to make it faster. You'll learn how to enhance your applications by using XML dashboards and configuring and extending Splunk. You'll also find step-by-step demonstrations that'll walk you through building an operational intelligence application. As you progress, you'll explore data models and pivots to extend your intelligence capabilities.
By the end of this Learning Path, you'll have the skills and confidence to implement various Splunk services in your projects.
This Learning Path includes content from the following Packt products:
- Implementing Splunk 7 - Third Edition by James Miller
- Splunk Operational Intelligence Cookbook - Third Edition by Paul R Johnson, Josh Diakun, et al.
What you will learn
- Master the new offerings in Splunk: Splunk Cloud and the Machine Learning Toolkit
- Create efficient and effective searches
- Master the use of Splunk tables, charts, and graph enhancements
- Use Splunk data models and pivots with faster data model acceleration
- Master all aspects of Splunk XML dashboards with hands-on applications
- Apply ML algorithms for forecasting and anomaly detection
- Integrate advanced JavaScript charts and leverage Splunk's API
Who this book is for
This Learning Path is for data analysts, business analysts, and IT administrators who want to leverage the Splunk enterprise platform as a valuable operational intelligence tool. Existing Splunk users who want to upgrade and get up and running with Splunk 7.x will also find this book useful. Some knowledge of Splunk services will help you get the most out of this Learning Path.
Table of contents
- Title Page
- Copyright and Credits
- About Packt
- Contributors
- Preface
- The Splunk Interface
- Logging in to Splunk
- The home app
- The top bar
- The Search & Reporting app
- Using the time picker
- Using the field picker
- The settings section
- Splunk Cloud
- Try before you buy
- A quick cloud tour
- The top bar in Splunk Cloud
- Splunk reference app – PAS
- Universal forwarder
- eventgen
- Next steps
- Understanding Search
- Using search terms effectively
- Boolean and grouping operators
- Clicking to modify your search
- Using fields to search
- Using wildcards efficiently
- All about time
- Making searches faster
- Sharing results with others
- Searching job settings
- Saving searches for reuse
- Creating alerts from searches
- Event annotations
- Tables, Charts, and Fields
- About the pipe symbol
- Using top to show common field values
- Using stats to aggregate values
- Using chart to turn data
- Using timechart to show values over time
- Working with fields
- Chart enhancements in version 7.0
- Data Models and Pivots
- Simple XML Dashboards
- Extending Search
- Working with Apps
- Building Advanced Dashboards
- Summary Indexes and CSV Files
- Understanding summary indexes
- When to use a summary index
- When to not use a summary index
- Populating summary indexes with saved searches
- Using summary index events in a query
- Using sistats, sitop, and sitimechart
- How latency affects summary queries
- How and when to backfill summary data
- Reducing summary index size
- Calculating top for a large time frame
- Using CSV files to store transient data
- Configuring Splunk
- Locating Splunk configuration files
- The structure of a Splunk configuration file
- The configuration merging logic
- An overview of Splunk.conf files
- props.conf
- inputs.conf
- transforms.conf
- fields.conf
- outputs.conf
- indexes.conf
- authorize.conf
- savedsearches.conf
- times.conf
- commands.conf
- web.conf
- User interface resources
- Play Time – Getting Data In
- Introduction
- Indexing files and directories
- Getting data through network ports
- Using scripted inputs
- Using modular inputs
- Using the Universal Forwarder to gather data
- Receiving data using the HTTP Event Collector
- Getting data from databases using DB Connect
- Loading the sample data for this book
- Data onboarding – defining field extractions
- Data onboarding – defining event types and tags
- Installing the Machine Learning Toolkit
- Building an Operational Intelligence Application
- Introduction
- Creating an Operational Intelligence application
- Adding dashboards and reports
- Organizing the dashboards more efficiently
- Dynamically drilling down on activity reports
- Creating a form for searching web activity
- Linking web page activity reports to the form
- Displaying a geographical map of visitors
- Highlighting average product price
- Scheduling the PDF delivery of a dashboard
- Diving Deeper – Advanced Searching, Machine Learning and Predictive Analytics
- Introduction
- Calculating the average session time on a website
- Calculating the average execution time for multi-tier web requests
- Displaying the maximum concurrent checkouts
- Analyzing the relationship of web requests
- Predicting website traffic volumes
- Finding abnormally-sized web requests
- Identifying potential session spoofing
- Detecting outliers in server response times
- Forecasting weekly sales
- Speeding Up Intelligence – Data Summarization
- Above and Beyond – Customization, Web Framework, HTTP Event Collector, REST API, and SDKs
- Introduction
- Customizing the application navigation
- Adding a Sankey diagram of web hits
- Developing a tag cloud of purchases by country
- Adding Cell Icons to Highlight Average Product Price
- Remotely querying Splunk's REST API for unique page views
- Creating a Python application to return unique IP addresses
- Creating a custom search command to format product names
- Collecting data from remote scanning devices
- Other Books You May Enjoy
Product information
- Title: Improving Your Splunk Skills
- Author(s):
- Release date: August 2019
- Publisher(s): Packt Publishing
- ISBN: 9781838981747