Practical Splunk for Beginners (Video Course), 2nd Edition
- By Karun Subramanian
- Published Jul 23, 2024 by Addison-Wesley Professional.
Online Video
- Your Price: $239.99
- List Price: $299.99
- About this video
Video accessible from your Account page after purchase.
Register your product to gain access to bonus material or receive a coupon.
Description
- Copyright 2024
- Edition: 2nd
- Online Video
- ISBN-10: 0-13-531885-8
- ISBN-13: 978-0-13-531885-0
5+ Hours of Video Instruction
Description
A hands-on approach to learning the Splunk platform to search, report, and visualize machine-generated data. Splunk is the market-leading platform for unified observability, enabling organizations to develop, organize, and communicate data insights. Using Splunk, you can collect, transport, and index peta-byte scale telemetry data in a centralized platform. Application developers, SREs, DevOps professionals, and security analysts can use Splunk to explore and analyze data in real time, empowering them to respond to incidents rapidly. The Splunk Search Processing Language (SPL) is the secret to Splunks capabilities in slicing and dicing the data. In addition to SPL, Splunk provides versatile tools such as field extractions, lookups, dashboards, and alerts to develop intelligence using the data collected. With all the sophisticated features offered by Splunk, beginners usually find the platform difficult to learn. That is where this well-designed and user-oriented course comes in.
Overview
Practical Splunk for Beginners LiveLessons, Second Edition provides you with functional, hands-on instruction on how to create data intelligence from machine-generated data and then use Splunk Dashboard Studio to display it. Using several examples and demonstrations, this course walks through the most useful functionalities, such as using the field extraction wizard, grouping events, using external lookups, creating statistics, configuring alerts, scheduling searches, and developing dashboards. Learners gain valuable skill and knowledge to create complex SPL queries, understand queries written by others, and improve dashboard performance. The real-world examples presented in this course (for example, latency and HTTP error analysis of a web application) will enable learners to immediately make an impact in their organizations.
Skill Level
Beginner to Intermediate
Learn How To
- Search using Search Processing Language (SPL)
- Group and correlate events
- Perform statistical calculations from search results
- Visualize data using charts
- Create reports and alerts
- Create dashboards
- Use lookups to enhance search results
- Create data dashboards in Splunk Dashboard Studio
Who Should Take This Course
- Users in the IT Operations area who need to use Splunk for monitoring and troubleshooting their applications and infrastructure
- Application developers and architects who need to analyze application log files
- Security professionals, who can use the course if they use Splunk as an SIEM platform
Course Requirements
- Basic Linux commands
- Basic SQL queries
Lesson Descriptions
Lesson 1: The Splunk Platform
In this lesson Karun covers the basics of the Splunk platform. You learn what Splunk is and why organizations use it. He reviews the various components that make up the Splunk platform. He covers the role of a Splunk search head and an indexer and the practical ways Splunk can be utilized in your organization. Finally, Karun shows you how to install and set up Splunk in your own local environment. Learning is lot easier and fun when you have your own Splunk environment. By the end of the lesson you will have a good understanding of the Splunk platform, setting you up for more learning and effective use.
Lesson 2: Search Processing Language
This lesson dives into the Splunk Search Processing Language (SPL), which is the backbone of the Splunk platform. Karun presents the Splunk search interface by walking you through the Splunk Web search and reporting app. Then he moves on to exploring the structure and syntax of an SPL query. Karun talks about components you can use in an SPL Query such as wildcards, key value pairs, Boolean expressions, and the all-powerful PIPE. Finally, you start to run your own searches. Karun reviews plenty of examples that cover various aspects of an SPL query. By the end of this lesson you will have learned how to start running simple SPL queries to retrieve data from Splunk.
Lesson 3: Creating Statistics
In Lesson 3 you learn one of the most useful functions of Splunk: creating statistics out of your machine data. Karun starts by exploring how to use the Stats command. Then he explores many examples of the Stats command, and you learn how to use mathematical functions. You then learn one of the most utilized commands in SPL, Eval. Using Eval, you learn how to create and manipulate field values. Finally, you learn how to plot metrics against time using the Timechart command. By the end of this lesson, you will know how to use Stats, Eval, and Timechart to produce useful data intelligence from your machine data.
Lesson 4: Fields and Field Extractions
Fields enable you to tailor your searches. Fields are searchable key-value pairs in your data. First, Karun covers fields in general and then turns to how they are used in Splunk. Next, he explores how to use the Field extraction wizard, which is a menu-driven GUI that you can use to create fields without having to type regular expressions. Finally, Karun covers the Rex command, with plenty of examples of extracting fields using SPL. Learning to use the Rex command will come in very handy when you must manually extract fields from your data. By the end of this lesson you will have learned how to extract and use fields in your data.
Lesson 5: Grouping Events and Using Lookups
In this lesson, you learn even more ways to explore and enhance your machine data using Splunk. First, learn the techniques you can use to group and correlate data. You do this by exploring the Transaction command. Next you learn how to use the Join and Append family of SPL commands. They can be extremely helpful for correlating data. Finally, you learn to use one of the widely used knowledge objects, lookups, to enhance your search results. Karun creates a lookup table from scratch using Splunk tutorial data. By the end of this lesson you will have learned how to group and correlate data and also use lookups in Splunk effectively.
Lesson 6: Creating Reports and Alerts
In Lesson 6 you are getting into the application of what youve learned in the previous lessons. In this lesson, you learn all about reports and alerts. First, you learn how to create reports from your search results. Then, you learn how to save and schedule your reports. We cover how to use cron to schedule your reports. By scheduling a report, you can have the results emailed to you automatically. Finally, you learn how to create Splunk alerts. Karun covers how to schedule an alert and configure the threshold and trigger actions. By the end of this lesson, you will have thorough knowledge of how to create Splunk reports and alerts.
Lesson 7: Creating Dashboards
In this lesson you learn how to create stunning dashboards using various Splunk visualizations. First, Karun has you create a basic dashboard from your search results. He covers the various aspects of a dashboard, such as panels and simple-xml code. You then learn how to configure drilldown in your dashboards. Drilldowns enable you to have interactivity in your dashboards. Karun shows you how easy it is to create a dynamic drilldown that can capture information from users clicks. Finally, you learn how to add even more interactivity to your dashboards by adding input panels. You learn how to use drop-down menus using an example. Input panels enable you to add controls such as radio buttons, multi-select, and text fields. By the end of this lesson, you will have learned how to create useful and beautiful Splunk dashboards to make use of your data.
Lesson 8: Using Splunk Dashboard Studio
In the final lesson Karun covers the Splunk Dashboard Studio, the new way to create dashboards in Splunk. He begins by introducing the studio, taking a look at the user interface. Then he turns to creating an actual dashboard using Splunk Dashboard Studio. Karun shows you how efficient Splunk Dashboard Studio is when it comes to placing and arranging dashboard panels on the dashboard canvas. Next, he covers adding dashboard interactions such as drop-down menus and drilldowns. Karun then moves on to how to use data sources within the Dashboard Studio, covering how to chain the searches to simplify the panels and improve the dashboard performance. By the end of this lesson, you learn how to use Splunk Dashboard Studio to create beautiful, interactive dashboards and share them with others.
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at http://www.informit.com/video.
Sample Content
Table of Contents
Lesson 1: The Splunk Platform
Lesson 2: Search Processing Language
Lesson 3: Creating Statistics
Lesson 4: Fields and Field Extractions
Lesson 5: Grouping Events and Using Lookups
Lesson 6: Creating Reports and Alerts
Lesson 7: Creating Dashboards
Lesson 8: Using Splunk Dashboard Studio