Copyright © 2015 Splunk Inc.

Getting Started with Splunk Enterprise
Hands-On Tour

Zachary Carney
Sr. Splunk Sales Engineer

Make machine data accessible, usable and valuable to everyone.

Big Data?

Big Data

Big data is a term for data sets that are so large or complex that traditional data processing applications are inadequate.

Manually or automatically generated, not always time stamped events

Term typically refers to the use of analytics in order to extract value from the data set.

Machine Data?

Machine Data

Time stamped, high volume, machine generated (velocity)

No single form or format (variable)

Definitive record of events in your organization

Machine Data

Definitive record of events in your organization

This is how security engineers identify and interrupt kill chains

This is user telemetry data that reveals software bugs

This is how we spot correlations in customer behavior

The Accelerating Pace of Data

Volume | Velocity | Variety | Variability

GPS, RFID, Hypervisor, Web Servers, Email, Messaging, Clickstreams, Mobile, Telephony, IVR, Databases, Sensors, Telematics, Storage, Servers, Security Devices, Desktops

Machine data is the fastest growing, most complex, most valuable area of big data

Turning Machine Data Into Business Value

Index Untapped Data: Any Source, Type, Volume

Online Services, Web Services, Servers, Security, GPS Location, Storage, Desktops, Networks, Packaged Applications, Custom Applications, Messaging, Telecoms, Online Shopping Cart, Web Clickstreams, Databases, Energy Meters, Call Detail Records, Smartphones and Devices, RFID

On-Premises, Private Cloud, Public Cloud

Ask Any Question: Application Delivery; Security, Compliance and Fraud; IT Operations; Business Analytics; Industrial Data and the Internet of Things

Industry Leading Platform for Machine Data

Index Untapped Data: Any Source, Type, Volume

Any amount, any location, any source

Schema-on-the-fly
Universal indexing
No back-end RDBMS
No need to filter data

Platform for Operational Intelligence

Rich Ecosystem of Apps & Add-Ons
Splunk Premium Solutions

Mainframe Data, Relational Databases, Mobile, Forwarders, Syslog/TCP, IoT Devices, Network Wire Data, Hadoop

The Splunk Portfolio

Download Splunk Enterprise for your OS and Architecture.

Download tutorialdata.zip

With Firefox, Chrome, or Safari – head to http://127.0.0.1:8000. User=admin password=changeme

SPL Commands run on tutorial data

************************
search basics
************************

buttercupgames
time picker
buttercupgames 400
buttercupgames 400 OR 300
buttercupgames status=500 OR status=400
fields>>"status">>make selected field
select "top values"
modify query:
buttercupgames status=500 OR status=400 | top limit=20 status
to
buttercupgames status=500 OR status=4* | top limit=20 status
bar and pie chart
back to raw search:
buttercupgames status=500 OR status=4*
fields>>"status">>top values over time
line vs bar graph..
look at raw search and discuss | pipe
buttercupgames status=500 OR status=4* | timechart count by status limit=10
buttercupgames status=*
drill into histogram bar..
fields>>"status">>top values by time
modify search to exclude 200
buttercupgames status=* AND status!=200 | timechart count by status limit=10
is the same as:
buttercupgames status=* NOT status=200 | timechart count by status limit=10
same event result count
change line to column
column to stack
save as new dashboard
search button back to home screen

************************
field extraction
************************

buttercupgames
select an event (any event)
click > to expand the fields of the event and the event options
click "event options>>extract fields"
select "regular expressions"
select "next"
highlight the value of the field you want to extract.. in this case mozilla
name the field "browser_type"
show regular expression..
preview events and browser type to verify it looks good
validate for removal
permissions: all apps
save and search…
fields>>"browser_type" as selected field
"browser_type" top values
bar graph, pie graph
add pie to existing dashboard
view in search the "status by day" original dashboard panel:
buttercupgames status=* NOT status=200 | timechart count by status limit=10
add new extracted field times to break out status by browser
buttercupgames status=* NOT status=200 browser_type=opera | timechart count by status limit=10
add to dashboard panel as opera status
buttercupgames status=* NOT status=200 browser_type=mozilla | timechart count by status limit=10
add to dashboard panel as mozilla status
Dashboard now shows status codes by day, browser types, and status codes by browser type

SPL Commands run on tutorial data

***************
alerts
***************

search..
buttercupgames
Search for unsuccessful events that exceed 100 in quantity
save as alerts, scheduled once a min
scheduled, run on cron, earliest -90d, latest now, cron expression "*/1 * * * *", trigger results > 0,
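
The alerts step above describes the search only in words. One way to write it, as an added example that is not from the original deck: it assumes "unsuccessful" means an HTTP status of 400 or above and uses the status and clientip fields that the deck's other searches rely on; the result names failed_events, distinct_clients and statuses are illustrative.

```spl
buttercupgames status>=400
| stats count AS failed_events, dc(clientip) AS distinct_clients, values(status) AS statuses
| where failed_events > 100
```

Because the where clause returns a row only when the count is above 100, the trigger condition of results > 0 fires only when the threshold is exceeded within the scheduled time range.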
  	
  
*********
geostats
*********

buttercupgames status=* | iplocation clientip
fields>>city
fields>>state
buttercupgames status=* | iplocation clientip | geostats count by action
Save to dashboard
Sweet!

SEPT 26-29, 2016
WALT DISNEY WORLD, ORLANDO
SWAN AND DOLPHIN RESORTS

•  5000+ IT & Business Professionals
•  3 days of technical content
•  165+ sessions
•  80+ Customer Speakers
•  35+ Apps in Splunk Apps Showcase
•  75+ Technology Partners
•  1:1 networking: Ask The Experts and Security Experts, Birds of a Feather and Chalk Talks
•  NEW hands-on labs!
•  Expanded show floor, Dashboards Control Room & Clinic, and MORE!

The 7th Annual Splunk Worldwide Users' Conference

PLUS Splunk University
•  Three days: Sept 24-26, 2016
•  Get Splunk Certified for FREE!
•  Get CPE credits for CISSP, CAP, SSCP
•  Save thousands on Splunk education!

#splunkconf2016

Thank You

Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 

Recently uploaded (20)

Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 

Getting Started with Splunk Enterprise Hands-On

  • 1. Copyright © 2015 Splunk Inc. Getting Started with Splunk Enterprise Hands-On Tour. Zachary Carney, Sr. Splunk Sales Engineer
  • 2. Make machine data accessible, usable and valuable to everyone.
  • 4. Big Data: Big data is a term for data sets that are so large or complex that traditional data processing applications are inadequate. Manually or automatically generated, not always time stamped events. Term typically refers to the use of analytics in order to extract value from the data set.
  • 6. Machine Data: Time stamped, high volume, machine generated (velocity). No single form or format (variable). Definitive record of events in your organization.
  • 7. Machine Data: Definitive record of events in your organization. This is how security engineers identify and interrupt kill chains. This is user telemetry data that reveals software bugs. This is how we spot correlations in customer behavior.
  • 8. The Accelerating Pace of Data: Volume | Velocity | Variety | Variability. GPS, RFID, Hypervisor, Web Servers, Email, Messaging, Clickstreams, Mobile, Telephony, IVR, Databases, Sensors, Telematics, Storage, Servers, Security Devices, Desktops. Machine data is the fastest growing, most complex, most valuable area of big data.
  • 9. Turning Machine Data Into Business Value. Index Untapped Data: Any Source, Type, Volume. Sources: Online Services, Web Services, Servers, Security, GPS Location, Storage, Desktops, Networks, Packaged Applications, Custom Applications, Messaging, Telecoms, Online Shopping Cart, Web Clickstreams, Databases, Energy Meters, Call Detail Records, Smartphones and Devices, RFID. Locations: On-Premises, Private Cloud, Public Cloud. Ask Any Question: Application Delivery; Security, Compliance and Fraud; IT Operations; Business Analytics; Industrial Data and the Internet of Things.
  • 10. Industry Leading Platform for Machine Data. Index Untapped Data: Any Source, Type, Volume. Sources: Online Services, Web Services, Servers, Security, GPS Location, Storage, Desktops, Networks, Packaged Applications, Custom Applications, Messaging, Telecoms, Online Shopping Cart, Web Clickstreams, Databases, Energy Meters, Call Detail Records, Smartphones and Devices, RFID. Locations: On-Premises, Private Cloud, Public Cloud. Ask Any Question: Application Delivery; Security, Compliance and Fraud; IT Operations; Business Analytics; Industrial Data and the Internet of Things. Any amount, any location, any source: Schema-on-the-fly; Universal indexing; No back-end RDBMS; No need to filter data.
  • 11. Platform for Operational Intelligence. Rich Ecosystem of Apps & Add-Ons; Splunk Premium Solutions. Inputs: Mainframe Data, Relational Databases, Mobile, Forwarders, Syslog/TCP, IoT Devices, Network Wire Data, Hadoop. The Splunk Portfolio.
  • 12. Download Splunk Enterprise for your OS and Architecture.
  • 14. With Firefox, Chrome, or Safari, head to http://127.0.0.1:8000 . User=admin password=changeme
  • 15. SPL Commands run on tutorial data
    ************************
    search basics
    ************************
    buttercupgames
    time picker
    buttercupgames 400
    buttercupgames 400 OR 300
    buttercupgames status=500 OR status=400
    fields>>"status">>make selected field
    select "top values"
    modify query:
    buttercupgames status=500 OR status=400| top limit=20 status
    to
    buttercupgames status=500 OR status=4*| top limit=20 status
    bar and pie chart
    back to raw search:
    buttercupgames status=500 OR status=4*
    fields>>"status">>top values over time
    line vs bar graph..
    look at raw search and discuss | pipe
    buttercupgames status=500 OR status=4*| timechart count by status limit=10
    buttercupgames status=*
    drill into histogram bar..
    fields>>"status">>top values by time
    modify search to exclude 200
    buttercupgames status=* AND status!=200 | timechart count by status limit=10
    is the same as:
    buttercupgames status=* NOT status=200 | timechart count by status limit=10
    same event result count
    change line to column
    column to stack
    save as new dashboard
    search button back to home screen
    ************************
    field extraction
    ************************
    buttercupgames
    select an event (any event)
    click > to expand the fields of the event and the event options
    click "event options>>extract fields"
    select "regular expressions"
    select "next"
    highlight the value of the field you want to extract.. in this case mozilla
    name the field "browser_type"
    show regular expression..
    preview events and browser type to verify it looks good
    validate for removal
    permissions: all apps
    save and search…
    fields>>"browser_type" as selected field
    "browser_type" top values
    bar graph, pie graph
    add pie to existing dashboard
    view in search the "status by day" original dashboard panel:
    buttercupgames status=* NOT status=200 | timechart count by status limit=10
    add new extracted field times to break out status by browser
    buttercupgames status=* NOT status=200 browser_type=opera | timechart count by status limit=10
    add to dashboard panel as opera status
    buttercupgames status=* NOT status=200 browser_type=mozilla | timechart count by status limit=10
    add to dashboard panel as mozilla status
    Dashboard now shows status codes by day, browser types, and status codes by browser type
  • 16. SPL Commands run on tutorial data
    ***************
    alerts
    ***************
    search..
    buttercupgames
    Search for unsuccessful events that exceed 100 in quantity
    save as alerts, scheduled once a min
    scheduled, run on cron, earliest -90d, latest now, cron expression "*/1 * * * *", trigger results > 0
    *********
    geostats
    *********
    buttercupgames status=* | iplocation clientip
    fields>>city
    fields>>state
    buttercupgames status=* | iplocation clientip | geostats count by action
    Save to dashboard
    Sweet!
  • 17. Copyright © 2015 Splunk Inc.
    SEPT 26-29, 2016
    WALT DISNEY WORLD, ORLANDO
    SWAN AND DOLPHIN RESORTS
    • 5000+ IT & Business Professionals
    • 3 days of technical content
    • 165+ sessions
    • 80+ Customer Speakers
    • 35+ Apps in Splunk Apps Showcase
    • 75+ Technology Partners
    • 1:1 networking: Ask The Experts and Security Experts, Birds of a Feather and Chalk Talks
    • NEW hands-on labs!
    • Expanded show floor, Dashboards Control Room & Clinic, and MORE!
    The 7th Annual Splunk Worldwide Users' Conference
    PLUS Splunk University
    • Three days: Sept 24-26, 2016
    • Get Splunk Certified for FREE!
    • Get CPE credits for CISSP, CAP, SSCP
    • Save thousands on Splunk education!
    #splunkconf2016
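
The alerts steps on slide 16 give the schedule and trigger condition but not the search itself. The following is an added example, not taken from the slides: one way to write that alert as `savedsearches.conf` stanzas, assuming "unsuccessful" means HTTP status 400 or higher and using hypothetical stanza names. The first stanza mirrors the slide's settings; the second keeps the same search but matches the time window to the schedule and throttles repeat triggers.

```ini
# Added example, not from the original slides. Stanza names are hypothetical.
# Assumption: "unsuccessful" = HTTP status >= 400 in the tutorial data.

# 1) As described on the slide: cron every minute, earliest -90d,
#    latest now, trigger when the number of results is > 0.
#    "stats count | where count > 100" returns one row only when the
#    threshold is exceeded, so "results > 0" means "more than 100 failures".
[Buttercup failed requests over 100]
search = buttercupgames status>=400 | stats count | where count > 100
enableSched = 1
cron_schedule = */1 * * * *
dispatch.earliest_time = -90d
dispatch.latest_time = now
counttype = number of events
relation = greater than
quantity = 0
alert.track = 1

# 2) Variant for ongoing use. With a 90-day window the search rescans
#    the same events every minute and, once the window holds more than
#    100 failures, triggers on every run. A short window snapped to the
#    minute plus throttling keeps the alert about current activity.
[Buttercup failed requests over 100 - 5m window]
search = buttercupgames status>=400 | stats count | where count > 100
enableSched = 1
cron_schedule = */1 * * * *
dispatch.earliest_time = -5m@m
dispatch.latest_time = @m
counttype = number of events
relation = greater than
quantity = 0
alert.track = 1
# Suppress repeat triggers for 10 minutes after the alert fires.
alert.suppress = 1
alert.suppress.period = 10m
```

The 5-minute window and 10-minute suppression period are illustrative values; size them to the event volume and response process of the environment being monitored.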