Chapter 6. Diving Deeper – Advanced Searching

In this chapter, we will cover some of the more advanced search commands available within Splunk. We will cover the following recipes:

  • Calculating the average session time on a website
  • Calculating the average execution time for multi-tier web requests
  • Displaying the maximum concurrent checkouts
  • Analyzing the relationship of web requests
  • Predicting website-traffic volumes
  • Finding abnormally sized web requests
  • Identifying potential session spoofing


In the previous chapter, we learned about Splunk's new data model and Pivot functionality and how they can be used to further intelligence reporting. In this chapter, we will return to Splunk's SPL, diving deeper and making use of some very powerful search ...
