Chapter 3. On-boarding Data in Splunk

This chapter will detail the most important aspect of Splunk, that is, adding data to Splunk. We will go through the newly added feature in Splunk 6.3 of JSON and REST API format of IoT event collections, HTTP Event Collector, and then, we will cover the various interfaces and options to on-board data on Splunk. We will also study how to manage event segmentation and improvise the data input process.

The following topics will be covered in this chapter:

Deep diving into various input methods and sources
Adding data to Splunk—new interfaces
Data processing
Managing event segmentation
Improving the data input process

Deep diving into various input methods and sources

Splunk supports numerous ways to ingest data on its ...

Get Splunk: Enterprise Operational Intelligence Delivered now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Splunk: Enterprise Operational Intelligence Delivered by Betsy Page Sigman, Erickson Delgado, Josh Diakun, Paul R Johnson, Derek Mock, Ashish Kumar Tulsiram Yadav

Chapter 3. On-boarding Data in Splunk

Deep diving into various input methods and sources

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly