O'Reilly logo

Splunk 7 Essentials - Third Edition by Betsy Page Sigman, Erickson Delgado, J-P Contreras

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Summary

In this chapter, you learned how to enhance data in three ways: classifying data using Event Types, normalizing data using Tags, and enriching data using Lookups. You also learned some reporting and alerting techniques, along with report acceleration. You were introduced to the powerful Cron expression, which allows you to create granularity on your scheduled searches, as well as stagger execution times. Finally, you were introduced to the concept of summary indexing, allowing searches against pre-aggregated and stored historical data in the interest of performance.

In the next chapter, Chapter 5, Dynamic Dashboarding, you will go on to learn how to do visualizations.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required