Splunk 7 Essentials - Third Edition by Betsy Page Sigman, Erickson Delgado, J-P Contreras

Data classification with Event Types

When working with Splunk daily, you will find that many of the tasks and searches you run are repeated periodically. As shown earlier, storing field extraction logic in a single place allows it to be reused in the future. Another way to make things easier and shorten searches is to create Event Types. Event Types are not the same as events: an event is a single instance of data, while an Event Type is a grouping or classification of events that meet the same search criteria.

If you took a break between chapters, you will probably want to open up Splunk again. Then, execute a search command:

  1. Log in to the Splunk portal
  2. Click on your Destinations app
  3. Type this search in the search bar:
SPL> index=main ...
