
Splunk 7 Essentials - Third Edition by Betsy Page Sigman, Erickson Delgado, J-P Contreras


Splunk events and fields

Throughout this chapter, you have been running Splunk search queries that have returned data. Before we go any further, it is important to understand what events and fields are, because an understanding of these is essential to comprehending what happens when you run Splunk on the data.

In Splunk, data is classified into events. An event is like a record, such as a log file entry or other type of input data. An event can have many different attributes or fields, or just a few. When you run a successful search query, you will see events returned from the Splunk indexes the search is being run against. If you are looking at live streaming data, events can come in very quickly through Splunk.

Every event is given a number of ...
