Implementing Splunk [electronic resource] : big data reporting and development for operational intelligence ... / Vincent Bumgarner.
ISBN:
9781849693295
9781849693288
Title:
Implementing Splunk [electronic resource] : big data reporting and development for operational intelligence ... / Vincent Bumgarner.
Author:
Bumgarner, Vincent.
Publication Information:
Birmingham : Packt Pub., 2013.
Physical Description:
1 online resource (908 pages).
Series:
Community experience distilled
General Note:
Using transaction with concurrency.
Contents:
Table of Contents; Implementing Splunk: Big Data Reporting and Development for Operational Intelligence; Implementing Splunk: Big Data Reporting and Development for Operational Intelligence; Credits; About the Author; About the Reviewers; www.PacktPub.com; Support files, eBooks, discount offers and more; Why Subscribe?; Free Access for Packt account holders; Preface; What this book covers; What you need for this book; Who this book is for; Conventions; Reader feedback; Customer support; Downloading the example code; Errata; Piracy; Questions; 1. The Splunk Interface; Logging in to Splunk.

The Home app; The top bar; Search app; Data generator; The Summary view; Search; Actions; Timeline; The field picker; Fields; Search results; Options; Events viewer; Using the time picker; Using the field picker; Using Manager; Summary; 2. Understanding Search; Using search terms effectively; Boolean and grouping operators; Clicking to modify your search; Event segmentation; Field widgets; Time; Using fields to search; Using the field picker; Using wildcards efficiently; Only trailing wildcards are efficient; Wildcards are tested last; Supplementing wildcards in fields; All about time.

How Splunk parses time; How Splunk stores time; How Splunk displays time; How time zones are determined and why it matters; Different ways to search against time; Specifying time in-line in your search; _indextime versus _time; Making searches faster; Sharing results with others; Saving searches for reuse; Creating alerts from searches; Schedule; Actions; Summary; 3. Tables, Charts, and Fields; About the pipe symbol; Using top to show common field values; Controlling the output of top; Using stats to aggregate values; Using chart to turn data; Using timechart to show values over time.

Timechart options; Working with fields; A regular expression primer; Commands that create fields; eval; rex; Extracting loglevel; Using the Extract Fields interface; Using rex to prototype a field; Using the admin interface to build a field; Indexed fields versus extracted fields; Indexed field case 1 -- rare instances of a common term; Indexed field case 2 -- splitting words; Indexed field case 3 -- application from source; Indexed field case 4 -- slow requests; Indexed field case 5 -- unneeded work; Summary; 4. Simple XML Dashboards; The purpose of dashboards; Using wizards to build dashboards.

Scheduling the generation of dashboards; Editing the XML directly; UI Examples app; Building forms; Creating a form from a dashboard; Driving multiple panels from one form; Post-processing search results; Post-processing limitations; Panel 1; Panel 2; Panel 3; Final XML; Summary; 5. Advanced Search Examples; Using subsearches to find loosely related events; Subsearch; Subsearch caveats; Nested subsearches; Using transaction; Using transaction to determine the session length; Calculating the aggregate of transaction statistics; Combining subsearches with transaction; Determining concurrency.
Local Note:
eBooks on EBSCOhost
Format:
Electronic Resources
Publication Date:
2013