Packt+ | Advance your knowledge in tech

0

All Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Splunk 7 Essentials, Third Edition

You're reading from Splunk 7 Essentials, Third Edition Demystify machine data by leveraging datasets, building reports, and sharing powerful insights

Product type Paperback

Published in Mar 2018

Publisher Packt

ISBN-13 9781788839112

Length 220 pages

Edition 3rd Edition

Languages

C++

Tools

Splunk

Concepts

Operational Intelligence

Authors (4):

J-P Contreras

Steven Koelpin

Erickson Delgado

Betsy Page Sigman

View More author details

Table of Contents (15) Chapters

Title Page

Copyright and Credits

Packt Upsell

Contributors

Preface

1. Splunk – Getting Started FREE CHAPTER

2. Bringing in Data

3. Search Processing Language

4. Reporting, Alerts, and Search Optimization

5. Dynamic Dashboarding

6. Data Models and Pivot

7. HTTP Event Collector

8. Best Practices and Advanced Queries

9. Taking Splunk to the Organization

Index

How data flows to the HEC

Let's begin by looking at how data flows to the HEC. This is a multi-step process that is important to understand.

Logging data

Before Splunk can capture any data, it needs to be packaged from the source, which can be done in a number of different ways:

A Splunk logging library for Java, JavaScript, or .NET
Another agent, such as a JavaScript request library
The Java Apache HTTP client
And lastly, some other client packing data in JSON or raw formats

Before going further, let's review what the JSON format means. A couple of examples of key-value pairs in JSON format are shown here. The key is listed first, then a colon, and then the value of that key. Sequences of key-value pairs must be separated by commas:

{
    "time": 1519413100, // epoch time
    "host": "localhost",
    "source": "datasource",
    "sourcetype": "txt",
    "index": "main",
    "event": { "Hello world!" }
}

Using a token with data

In addition to the formatting of the event data, each data package will...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at £13.99/month. Cancel anytime

Authors (4)

J-P Contreras

J-P Contreras

J-P Contreras, a Splunk-certified administrator and sales engineer, has delivered value-oriented data analytics and performance planning solutions for 20+ years. He has built award-winning consulting teams to help companies turn data into analytical insights. He helps companies implement Splunk and enjoys everything the Splunk community offers. He received his MBA in e-commerce from DePaul University's Kellstadt Graduate School of Business, Chicago, in 2001. He trains in DePaul's Continuing Education Program and is a member of DePaul's Driehaus School of Business Advisory Board. He'd like to thank his family, especially his wife and children, and close friends for making life so enjoyable.

See other products by J-P Contreras

Steven Koelpin

Steven Koelpin

See other products by Steven Koelpin

Erickson Delgado

Erickson Delgado

Erickson Delgado is an enterprise architect who loves to mine and analyze data. He began using Splunk in version 4.0 and has pioneered its use into his current work. He has worked with start-up companies in the Philippines to help build their open source infrastructure. He has developed applications with Python and node.js and is interested in Go and recovering programming with C/C++. In the recent years, he engaged himself in employing DevOps in his work. He blows off steam by saltwater fishing, mountain biking, crafting robots, and touring the country. He lives in Orlando.

See other products by Erickson Delgado

Betsy Page Sigman

Betsy Page Sigman

Betsy Page Sigman is a distinguished professor at the McDonough School of Business at Georgetown University in Washington, D.C. She has taught courses in statistics, project management, databases, and electronic commerce for the last 16 years, and has been recognized with awards for teaching and service. She has also worked at George Mason University in the past. Her recent publications include a Harvard Business case study and a Harvard Business review article. Additionally, she is a frequent media commentator on technological issues and big data.

See other products by Betsy Page Sigman

Other recommended products

Related to this chapter

Splunk 7.x Quick Start Guide

Splunk 7.x Quick Start Guide

Splunk is a leading platform and solution for collecting, searching, and extracting value from ever increasing amounts of big data – and big data is eating the world! This book covers all the crucial Splunk topics and gives you the information and examples to get the immediate job done. You will find enough insights to support further research for using Splunk to suit any business environment or situation.

Nov 2018 9h 56m

Splunk Operational Intelligence Cookbook

Splunk Operational Intelligence Cookbook

This book demonstrates the power of Splunk 7.x to offer you quick solutions and strategies to bring efficient operational intelligence in your organization. Implement a wide range of tasks in recipe format to perform operations on machine data. Learn to achieve intelligent data-driven way using machine learning capabilities to explore complex data.

May 2018 18h 2m

Mastering Splunk 8

Mastering Splunk 8

This book will cover Splunk's offerings to efficiently capture, index, and correlate data from a searchable repository all in real-time to generate insightful graphs, reports, dashboards, and alerts. Developers and architects alike can be in high demand if they become experts with this tool.

Dec 2020 15h 12m

Implementing Splunk 7

Implementing Splunk 7

This book will help you implement Splunk 7's new services and will show you how to utilize them to quickly and efficiently process machine-generated big data. You will explore Splunk Cloud and the Machine Learning Toolkit and use them with ease throughout your organization. By the end of the book, you will have learned to implement these services in your tasks at work.

Mar 2018 19h 12m

Big Data Visualization

Big Data Visualization

Uncover new approaches to big data visualization to make your analysis more effective and efficient with Big Data Visualization. Featuring in-depth coverage of big data analysis concepts together with industry-proven techniques, you?ll learn how to approach the challenge of big data visualization with confidence, ease and precision.

Feb 2017 10h 8m

Learn Grafana 7.0

Learn Grafana 7.0

This book will focus on Grafana 7.0's features to build interactive dashboards to visualize and monitor data. You will cover the administrative aspects of Grafana and working with various plugins. By the end of this book, you will have enough knowledge to query, visualize, and understand your metrics and use the new improved security features.

Jun 2020 13h 40m

Personalised recommendations for you

Based on your interests and search pattern

Mathematics of Machine Learning

Mathematics of Machine Learning

Deepen your theoretical knowledge and enhance your ability to solve complex machine learning problems with structured guidance. Gain the confidence to engage with advanced ML literature and tailor algorithms to meet your project requirements.

May 2025 24h 20m

Generative AI with Python and PyTorch

Generative AI with Python and PyTorch

Learn how to create images and text using VAEs, GANs, LSTMs, and transformers. Implement applications in natural language processing and computer vision through practical tutorials.

Mar 2025 15h 0m

Practical Generative AI with ChatGPT

Practical Generative AI with ChatGPT

This book helps you unlock ChatGPT's potential to make your working life better. From prompt engineering to creating custom GPTs, you'll enhance your productivity, creativity, and efficiency with practical insights and advanced techniques.

Apr 2025 12h 52m

Generative AI with LangChain

Generative AI with LangChain

Gain a solid foundation in LangChain, agentic AI, and LangGraph, and learn to build production-ready systems with multi-agent architectures, advanced RAG pipelines, Tree of Thought reasoning, agent handoffs, and fine-grained error handling.

May 2025 15h 52m

Architecting Power BI Solutions in Microsoft Fabric

Architecting Power BI Solutions in Microsoft Fabric

Power BI provides several options to solve common data problems, and designing the correct solution for each scenario can be a daunting task. This book makes it easier by guiding you through designing optimal solutions using Power BI.

Apr 2025 14h 16m

Microsoft Identity and Access Administrator SC-300 Exam Guide

Microsoft Identity and Access Administrator SC-300 Exam Guide

This comprehensive guide covers key topics such as Microsoft Entra ID implementation, authentication and access management, external user management, and hybrid identity solutions, providing practical insights and techniques for SC-300 exam success.

Mar 2025 19h 48m

LLM Design Patterns

LLM Design Patterns

This book helps you gain practical skills to develop and deploy LLMs. You'll learn data prep, training, pruning, quantization, and evaluation, as well as explore RAG, advanced prompting, and optimization to build robust, scalable language models.

May 2025 17h 48m

Tableau Cookbook for Experienced Professionals

Tableau Cookbook for Experienced Professionals

Advance your Tableau knowledge beyond the basics, streamline dashboard performance, tackle advanced geospatial challenges, and unlock API potential while fortifying your corporate data infrastructure with proven best practices.

Apr 2025 12h 24m

Time Series Analysis with Spark

Time Series Analysis with Spark

This book offers a complete guide to time series analysis with Apache Spark and Databricks, covering essential concepts and advanced techniques including Generative AI to equip readers with skills for real-world challenges across industries.

Mar 2025 9h 56m

Hands-On Artificial Intelligence for IoT

Hands-On Artificial Intelligence for IoT

Transform IoT systems with the power of artificial intelligence using this hands-on guide. Dive into practical techniques and expert insights to innovate and optimize your IoT devices, making them smarter and more efficient.

May 2025 15h 44m