data

Splunk Series III: System Administrator Class (File Structure, Settings and CLI)

Awesome, I was able to move on from those 2 slides that took a lot of content and energy out of my brain! The slides I'm referring to are the ones you get when you attend Splunk's class for System Administration. Basically, the posts (this blog) are my notes, which is an extraction of the […]


Splunk Series III: System Administrator Class (Installation and Recommendations)

Splunk can be installed on Windows and Linux for production environments. There are some tweaks that you can configure to make your environment run better and with no issues. This class makes a few recommendations that are very new to me, so I will list them here to keep adding to my notes.

Linux Settings Recommendations


Splunk Series III: System Administrator Class (Splunk Components, Processes and Installation)

Getting back to where we left off yesterday. Here is a quick and interesting view of the components, processes and the installation planning of the solution. I know, these posts may be repetitive in nature, but it's the foundation of a well implemented solution.

Core Components and Processes

This section is dedicated to describe all


Splunk Series II: Knowledge Objects and Managing Fields

Introduction to Knowledge objects

These are tools you use to discover and analyze various aspects of your data

* Data Interpretation – Fields and field extractions
* Data Classification – Event types
* Data Enrichment – Lookups and Workflow Actions
* Normalization – Tasks and Field Aliases
* Datasets – Data models

Knowledge objects can


Splunk Series II: Filtering/Formatting Data

Introduction to Eval Commands

The eval commands are great to perform calculations, convert values, round values, format values and even use conditional statements. It is recommended to use the search and where commands to filter calculated results.

* Eval commands allow you to calculate and manipulate field values in your report
* Supports a variety of functions
* Results


Splunk Series II: Visualizations

Visualizations

When a search returns statistical values, the results can be viewed with different visualization types. Some of the visualization types:

* Statistical Values
* Charts: Line, column, pie
* Single Value Visualizations
* Maps

Charts – Line Chart (Time Series)

Chart – Bubble

Cluster Map

Choropleth Map

What is next? Filtering/Formatting Data

About the Author: Andres Sarmiento, CCIE

