售 价:¥
9.8
温馨提示:数字商品不支持退换货,不提供源文件,不支持导出打印
为你推荐
Splunk Essentials Second Edition
Splunk Essentials Second Edition
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Why subscribe?
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Downloading the color images of this book
Errata
Piracy
Questions
1. Splunk in Action
Your Splunk.com account
Obtaining a Splunk.com account
Installing Splunk on Windows
Logging in the first time
Run a simple search
Creating a Splunk app
Populating data with Eventgen
Installing an add-on
Controlling Splunk
Configuring Eventgen
Viewing the Destinations app
Creating your first dashboard
Summary
2. Bringing in Data
Splunk and big data
Streaming data
Latency of data
Sparseness of data
Splunk data sources
Machine data
Web logs
Data files
Social media data
Other data types
Creating indexes
Buckets
Data inputs
Splunk events and fields
Extracting new fields
Summary
3. Search Processing Language
Anatomy of a search
Search pipeline
Time modifiers
Filtering search results
Search command - stats
Search command - top/rare
Search commands - chart and timechart
Search command - eval
Search command - rex
Summary
4. Data Models and Pivot
Creating a data model
Adding attributes to objects
Creating child objects
Creating an attribute based on a regular expression
Data model acceleration
The Pivot Editor
Creating a chart from a Pivot
Creating an area chart
Creating a pie chart showing destination details by airport code
Single value with trending sparkline
Rearranging your dashboard
Summary
5. Data Optimization, Reports, Alerts, and Accelerating Searches
Data classification with event types
Data normalization with tags
Data enrichment with lookups
Creating reports
Creating alerts
Search and report acceleration
Scheduling best practices
Summary indexing
Summary
6. Panes of Glass
Creating effective dashboards
Types of dashboard
Gathering information and business requirements
Dynamic form-based dashboard
Creating a Status Distribution panel
Creating the Status Types Over Time panel
Creating the Hits vs Response Time panel
Arranging the dashboard
Panel options
Pie chart - status distribution
Stacked area chart - Status Types Over Time
Column with line overlay combo chart - Hits vs Response Time
Form inputs
Creating a time range input
Creating a radio input
Creating a dropdown input
Static Real-Time dashboard
Single Value Panels with color ranges
Creating panels by cloning
Single Value Panels with trends
Real-time column charts with line overlays
Creating a map called a choropleth
Summary
7. Splunk SDK for JavaScript and D3.js
Introduction to Splunk SDKs
Practical applications of Splunk's SDK
Prerequisites
Creating a CRON Job
Creating a saved search
Creating the final dashboard\jobs.js
HTTP server
Rendering the chart
Summary
8. HTTP Event Collector
What is the HEC?
How does the HEC work?
How data flows to the HEC?
Logging in data
Using a token with data
Sending out the data request
Verifying the token
Indexing the data
Enabling the HEC
Generating an HEC authentication token
How to test the HEC with cURL and PowerShell
Using the HEC with dynamic UI events
JavaScript logging with the HEC
Summary
9. Best Practices and Advanced Queries
Temporary indexes and oneshot indexing
Searching within an index
Search within a limited time frame
Quick searches via fast mode
Using event sampling
Splunk Universal Forwarders
Advanced queries
Subsearch
Using append
Using join
Using eval and if
Using eval and match with a case function
How to improve logs
Including clear key-value pairs
Creating events that are understandable to human readers
Remember to use timestamps for all events
Be sure your identifiers are unique
Log using text format, not binary
Use formats that developers can use easily
Log what you think might be useful at some point
Create use categories with meaning
Include the source of the log event
Minimize the number of multi-line events
Summary
买过这本书的人还买过
读了这本书的人还在读
同类图书排行榜
购物车
个人中心
