Splunk 7 essentials : demystify machine data by leveraging datasets, building reports, and sharing powerful insights

Splunk 7 essentials demystify machine data by leveraging datasets, building reports, and sharing powerful insights

Transform machine data into powerful analytical intelligence using Splunk About This Book Analyze and visualize machine data to step into the world of Splunk! Leverage the exceptional analysis and visualization capabilities to make informed decisions for your business This easy-to-follow, practical...

Descripción completa

Detalles Bibliográficos
Otros Autores: Contreras, J-P, author (author), Delgado, Erickson, author, Sigman, Betsy Page, author
Formato: Libro electrónico
Idioma:Inglés
Publicado: Birmingham ; Mumbai : Packt 2018.
Edición:Third edition
Materias:
Automatic data collection systems.
Ver en Biblioteca Universitat Ramon Llull:https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009631760206719
Tabla de Contenidos:
  • Cover
  • Title Page
  • Copyright and Credits
  • Packt Upsell
  • Contributors
  • Table of Contents
  • Preface
  • Chapter 1: Splunk - Getting Started
  • Your Splunk account
  • Obtaining a Splunk account
  • Installing Splunk on Windows
  • Installing Splunk on Linux
  • Logging in for the first time
  • Running a simple search
  • Creating a Splunk app
  • Populating data with Eventgen
  • Using the CLI to configure Eventgen
  • Installing the Eventgen add-on (Windows and Linux)
  • Controlling Splunk
  • Configuring Eventgen
  • Viewing the Destinations app
  • Creating your first dashboard
  • Summary
  • Chapter 2: Bringing in Data
  • Splunk and big data
  • Streaming data
  • Analytical data latency
  • Sparseness of data
  • Splunk data sources
  • Machine data
  • Web logs
  • Data files
  • Social media data
  • Relational database data
  • Other data types
  • Creating indexes
  • Buckets
  • Log files as data input
  • Splunk events and fields
  • Extracting new fields
  • Summary
  • Chapter 3: Search Processing Language
  • Anatomy of a search
  • Search pipeline
  • Time modifiers
  • Filtering search results
  • Search command - stats
  • Search command - top/rare
  • Search commands - chart and timechart
  • Search command - eval
  • Search command - rex
  • Summary
  • Chapter 4: Reporting, Alerts, and Search Optimization
  • Data classification with Event Types
  • Data normalization with Tags
  • Data enrichment with Lookups
  • Creating and scheduling reports
  • Creating alerts
  • Search and Report acceleration
  • Scheduling options
  • Summary indexing
  • Summary
  • Chapter 5: Dynamic Dashboarding
  • Creating effective dashboards
  • Types of dashboards
  • Gathering business requirements
  • Dynamic form-based dashboard
  • Creating a Status Distribution panel
  • Creating the Status Types Over Time panel
  • Creating the Hits vs Response Time panel
  • Arrange the dashboard.
  • Panel options
  • Pie chart - Status Distribution
  • Stacked area chart - Status Types Over Time
  • Column with overlay combination chart - Hits vs Response Time
  • Form inputs
  • Creating a time range input
  • Creating a radio input
  • Creating a drop-down input
  • Static real-time dashboard
  • Single-value panels with color ranges
  • Creating panels by cloning
  • Single-value panels with trends
  • Real-time column charts with line overlays
  • Creating a choropleth map
  • Summary
  • Chapter 6: Data Models and Pivot
  • Creating a data model
  • Adding attributes to objects
  • Creating child objects
  • Creating an attribute based on a regular expression
  • Data model acceleration
  • The Pivot editor
  • Creating a Pivot and a chart
  • Creating an area chart
  • Creating a pie chart
  • Single value with trending sparkline
  • Rearranging your dashboard
  • Summary
  • Chapter 7: HTTP Event Collector
  • What is the HEC?
  • How does the HEC work?
  • How data flows to the HEC
  • Logging data
  • Using a token with data
  • Sending out the data request
  • Verifying the token
  • Indexing the data
  • Enabling the HEC
  • Generating an HEC authentication token
  • Seeing the HEC in action with cURL
  • Indexer acknowledgement
  • Summary
  • Chapter 8: Best Practices and Advanced Queries
  • Indexes for testing
  • Searching within an index
  • Search within a limited time frame
  • Quick searches via fast mode
  • Using event sampling
  • Use the fields command to improve search performance
  • Advanced searches
  • Subsearch
  • Using append
  • Using join
  • Using eval and if
  • Using eval and match with a case function
  • Summary
  • Chapter 9: Taking Splunk to the Organization
  • Common organizational use cases
  • IT operations
  • Cybersecurity
  • Software development and support operations
  • Internet of Things
  • Splunk architecture considerations.
  • Splunk architecture for an organization
  • Search capacity
  • Indexing capacity and data replication
  • High availability for critical environments
  • Monitoring Console
  • Forwarders
  • Universal forwarder
  • Heavy forwarder
  • Splunk Cloud
  • Splunk pricing model
  • The Splunk community and online resources
  • Summary
  • Index.

Ejemplares similares