Data Analytics Using Splunk 9.x: A practical guide to implementing Splunk's features for performing data analysis at scale

✍ Scribed by Dr. Nadine Shillingford


Publisher: Packt Publishing
Tongue: English
Leaves: 336
Category: Library

✦ Synopsis


Make the most of Splunk 9.x to build insightful reports and dashboards with a detailed walk-through of its extensive features and capabilities

Key Features

  • Be well-versed with the Splunk 9.x architecture, installation, onboarding, and indexing data features
  • Create advanced visualizations using the Splunk search processing language
  • Explore advanced Splunk administration techniques, including clustering, data modeling, and container management

Book Description

Splunk 9 improves on the existing Splunk tool to include important features such as federated search, observability, performance improvements, and dashboarding. This book helps you make the best use of these impressive new features to prepare a Splunk installation that can be employed in the data analysis process.

Starting with an introduction to the different Splunk components, such as indexers, search heads, and forwarders, this Splunk book takes you through the step-by-step installation and configuration instructions for basic Splunk components using Amazon Web Services (AWS) instances. You'll import the BOTS v1 dataset into a search head and begin exploring data using the Splunk Search Processing Language (SPL), covering various types of Splunk commands, lookups, and macros. After that, you'll create tables, charts, and dashboards using Splunk's new Dashboard Studio, and then advance to work with clustering, container management, data models, federated search, bucket merging, and more.

By the end of the book, you'll not only have learned everything about the latest features of Splunk 9 but also have a solid understanding of the performance tuning techniques in the latest version.

What you will learn

  • Install and configure the Splunk 9 environment
  • Create advanced dashboards using the flexible layout options in Dashboard Studio
  • Understand the Splunk licensing models
  • Create tables and make use of the various types of charts available in Splunk 9.x
  • Explore the new configuration management features
  • Implement the performance improvements introduced in Splunk 9.x
  • Integrate Splunk with Kubernetes for optimizing CI/CD management

Who this book is for

The book is for data analysts, Splunk users, and administrators who want to become well-versed in the data analytics services offered by Splunk 9. You need to have a basic understanding of Splunk fundamentals to get the most out of this book.

Table of Contents

  1. Introduction to Splunk and its Core Components
  2. Setting Up the Splunk Environment
  3. Onboarding and Normalizing Data
  4. Introduction to SPL
  5. Reporting Commands, Lookups, and Macros
  6. Creating Tables and Charts Using SPL
  7. Creating Dynamic Dashboards
  8. Licensing, Indexing, and Buckets
  9. Clustering and Advanced Administration
  10. Data Models, Acceleration, and Other Ways to Improve Performance
  11. Multisite Splunk Deployments and Federated Search
  12. Container Management

✦ Table of Contents


Cover
Title Page
Copyright and Credit
Contributors
Table of Contents
Preface
Part 1: Getting Started with Splunk
Chapter 1: Introduction to Splunk and its Core Components
Splunking big data
How is big data generated?
Understanding Splunk
Exploring Splunk components
Forwarders
Indexers
Search heads
Introducing the case study – splunking the BOTS Dataset v1
The setup
Summary
Chapter 2: Setting Up the Splunk Environment
Technical requirements
Installing Splunk Enterprise
Deploying AWS EC2 instances with the Splunk Enterprise AMI
Deploying AWS EC2 instances with the Windows Server 19 Base AMI
Setting up Splunk forwarders
Setting up Splunk deployment servers
Setting up Splunk indexers
Setting up Splunk search heads
Installing additional Splunk add-ons and apps
Installing the BOTS Dataset v1 app
Managing access to Splunk
Users
Summary
Chapter 3: Onboarding and Normalizing Data
Exploring inputs.conf using the Splunk Add-on for Microsoft Windows
Understanding the filesystem of a Splunk add-on
Exploring inputs.conf
Extracting fields using Splunk Web
Field aliases
Calculated fields
Field extractions
Extracting fields using props.conf and transforms.conf
Creating event types and tagging
Summary
Part 2: Visualizing Data with Splunk
Chapter 4: Introduction to SPL
Understanding the Splunk search interface
Dissecting a Splunk query
Formatting and transforming data
Simple mathematical functions
Summary
Chapter 5: Reporting Commands, Lookups, and Macros
Exploring more Splunk commands
Streaming commands
Generating commands
Transforming commands
Orchestrating commands
Dataset processing commands
join
Enhancing logs with lookups
Simplifying Splunk searches with macros
Summary
Chapter 6: Creating Tables and Charts Using SPL
Creating and formatting tables
Creating and formatting charts
Creating advanced charts
Scatter plots
Bubble charts
Choropleth maps
Summary
Chapter 7: Creating Dynamic Dashboards
Adding tables and charts to dashboards
Editing a dashboard panel
Adding inputs, tokens, and drilldowns
Creating dropdown inputs
Adding a time picker
Exploring the dashboard source
Adding reports and drilldowns to dashboards
Experimenting with the new Dashboard Studio
Summary
Part 3: Advanced Topics in Splunk
Chapter 8: Licensing, Indexing, and Buckets
Understanding Splunk indexing and buckets
Exploring Splunk queues
Parsing
Indexing
Discussing Splunk licensing models
Configuring licenses
Summary
Chapter 9: Clustering and Advanced Administration
Introducing Splunk clusters
Understanding search head clusters
Configuring a search head cluster
Understanding indexer clusters
Replication factor
Configuring indexer clusters
Summary
Chapter 10: Data Models, Acceleration, and Other Ways to Improve Performance
Understanding data models
Lookups
Table datasets
Data model datasets
Accelerating data models
Understanding the tstats command
Exploring the Splunk CIM add-on
Improving performance
Summary
Chapter 11: Multisite Splunk Deployments and Federated Search
Exploring multisite Splunk deployments
Splunk Cloud Platform
Multisite search deployments
Hybrid search
Configuring federated search
Using federated search
Searching remote indexes
Searching remote saved searches
Searching remote data models
Summary
Chapter 12: Container Management
Understanding container management
Deploying Splunk in Docker
Getting started with Splunk Operator for Kubernetes
Exploring container logs using Splunk
Summary
Index
Other Books You May Enjoy

