O'Reilly logo

Splunk 7 Essentials - Third Edition by Betsy Page Sigman, Erickson Delgado, J-P Contreras

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Best Practices and Advanced Queries

To build on the strong foundation of the Splunk skills attained using this book so far, we want to introduce you to a few extra skills that will help make you a powerful Splunker. Throughout the book, you have gained the essential skills required to use Splunk effectively. In this chapter, we will look at some best practices you can incorporate into your Splunk instance:

  • Indexes for testing
  • Searching within an index
  • Searching within a limited time frame
  • How to do quick searches via fast mode
  • How to use event sampling
  • Using the fields command to improve performance

We will also provide some advanced searches that you can use as templates when the need arises. These include:

  • Doing a subsearch, or a search ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required