Chapter 6. Diving Deeper – Advanced Searching

In this chapter, we will cover some of the more advanced search commands available within Splunk. We will cover the following recipes:

Calculating the average session time on a website
Calculating the average execution time for multi-tier web requests
Displaying the maximum concurrent checkouts
Analyzing the relationship of web requests
Predicting website-traffic volumes
Finding abnormally sized web requests
Identifying potential session spoofing

Introduction

In the previous chapter, we learned about Splunk's new data model and Pivot functionality and how they can be used to further intelligence reporting. In this chapter, we will return to Splunk's SPL, diving deeper and making use of some very powerful search ...

Get Splunk Operational Intelligence Cookbook - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Splunk Operational Intelligence Cookbook - Second Edition by Josh Diakun, Paul R Johnson, Derek Mock

Chapter 6. Diving Deeper – Advanced Searching

Introduction

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly