Chapter 3: Performance, Statistics, and Alerting in Splunk

In the previous chapter, we reviewed Splunk's fundamental features and called out the newest features in Splunk version 8.0. In this chapter, the emphasis will be on understanding and optimizing data storage for cost savings, as well as the intent and use of advanced alerting.

In this chapter, we will cover the following topics:

  • Exploring data in Splunk
  • Understanding storage
  • Storage metrics
  • Logs2Metrics
  • Alerting

Let's get started!

Exploring data in Splunk

Understanding (data) storage in Splunk starts with an understanding of how Splunk stores data and what kinds of data it can store. Actually, when you hear about Splunk storing data, what it really means is collecting and indexing ...

Get Mastering Splunk 8 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.