Search icon Close icon
Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Checkout

Change country

Modal Close icon
Country selected Country selected
country flag United States
Country selected
country flag Great Britain
Country selected
country flag India
Country selected
country flag Germany
Country selected
country flag France
Country selected
country flag Canada
Country selected
country flag Russia
Country selected
country flag Spain
Country selected
country flag Brazil
Country selected
country flag Australia
Country selected
country flag South Africa
Country selected
country flag Thailand
Country selected
country flag Ukraine
Country selected
country flag Switzerland
Country selected
country flag Slovakia
Country selected
country flag Luxembourg
Country selected
country flag Hungary
Country selected
country flag Romania
Country selected
country flag Denmark
Country selected
country flag Ireland
Country selected
country flag Estonia
Country selected
country flag Belgium
Country selected
country flag Italy
Country selected
country flag Finland
Country selected
country flag Cyprus
Country selected
country flag Lithuania
Country selected
country flag Latvia
Country selected
country flag Malta
Country selected
country flag Netherlands
Country selected
country flag Portugal
Country selected
country flag Slovenia
Country selected
country flag Sweden
Country selected
country flag Argentina
Country selected
country flag Colombia
Country selected
country flag Ecuador
Country selected
country flag Indonesia
Country selected
country flag Mexico
Country selected
country flag New Zealand
Country selected
country flag Norway
Country selected
country flag South Korea
Country selected
country flag Taiwan
Country selected
country flag Turkey
Country selected
country flag Czechia
Country selected
country flag Austria
Country selected
country flag Greece
Country selected
country flag Isle of Man
Country selected
country flag Bulgaria
Country selected
country flag Japan
Country selected
country flag Philippines
Country selected
country flag Poland
Country selected
country flag Singapore
Country selected
country flag Egypt
Country selected
country flag Chile
Country selected
country flag Malaysia
Country selected
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
Splunk Operational Intelligence Cookbook

You're reading from   Splunk Operational Intelligence Cookbook Over 80 recipes for transforming your data into business-critical insights using Splunk

Arrow left icon
Product type Paperback
Published in May 2018
Publisher
ISBN-13 9781788835237
Length 541 pages
Edition 3rd Edition
Languages
Tools
Concepts
Arrow right icon
Authors (4):
Arrow left icon
Josh Diakun Josh Diakun
Author Profile Icon Josh Diakun
Josh Diakun
Josh Diakun is an IT operations and security specialist with a focus on creating data-driven operational processes. He has over 10 years of experience managing and architecting enterprise-grade IT environments. For the past 7 years, he has been architecting, deploying and developing on Splunk as the core platform for organizations to gain security and operational intelligence. Josh is a founding partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. He is also a co-founder of the Splunk Toronto User Group.
Read more
See other products by Josh Diakun
Yogesh Raheja, Thinknyx Technologies Yogesh Raheja, Thinknyx Technologies
Author Profile Icon Yogesh Raheja, Thinknyx Technologies
Yogesh Raheja, Thinknyx Technologies
LinkedIn
Thinknyx® Technologies is a recognized brand providing IT consulting & implementation services, delivering comprehensive Information Technology and Soft Skills Trainings and providing Talent Acquisition (Recruitment) solutions to diverse organizations worldwide. With over a decade of core industry experience, they have successfully aided their customers in strategic planning and flawless execution of solutions around IT and Non-IT initiatives. Yogesh Raheja is the Founder and a senior Solutions Architect at Thinknyx Technologies and an instructor of video courses. Yogesh has been a trusted advisor for numerous organizations, guiding them through their DevOps journey, infrastructure as code, containerization, cloud computing, Automation solutions and AI/ML/Generative AI with his expertise. He has also authored several globally published books (like "Effective DevOps with AWS", "Automation with SaltStack", "Automation with Puppet 5" and "Automation with Ansible") published by Packt, Wiley, and OrangeAVA.
Read more
See other products by Yogesh Raheja, Thinknyx Technologies
Paul R. Johnson Paul R. Johnson
Author Profile Icon Paul R. Johnson
Paul R. Johnson
Paul R Johnson has over 10 years of data intelligence experience in the areas of information security, operations, and compliance. He is a partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. Paul previously worked for a Fortune 10 company, leading IT risk intelligence initiatives and managing a global Splunk deployment. Paul co-founded the Splunk Toronto User Group and lives and works in Toronto, Canada.
Read more
See other products by Paul R. Johnson
Derek Mock Derek Mock
Author Profile Icon Derek Mock
Derek Mock
Derek Mock is a software developer and big data architect who specializes in IT operations, information security, and cloud technologies. He has 15 years' experience developing and operating large enterprise-grade deployments and SaaS applications. He is a founding partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. For the past 6 years, he has been leveraging Splunk as the core tool to deliver key operational intelligence. Derek is based in Toronto, Canada, and is a co-founder of the Splunk Toronto User Group.
Read more
See other products by Derek Mock
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Title Page
Copyright and Credits
Packt Upsell
Contributors
Preface
1. Play Time – Getting Data In FREE CHAPTER 2. Diving into Data – Search and Report 3. Dashboards and Visualizations - Make Data Shine 4. Building an Operational Intelligence Application 5. Extending Intelligence – Datasets, Modeling and Pivoting 6. Diving Deeper – Advanced Searching, Machine Learning and Predictive Analytics 7. Enriching Data – Lookups and Workflows 8. Being Proactive – Creating Alerts 9. Speeding Up Intelligence – Data Summarization 10. Above and Beyond – Customization, Web Framework, HTTP Event Collector, REST API, and SDKs 1. Other Books You May Enjoy Index

Flagging suspect IP addresses

Any server that receives requests from clients will always be a potential target for someone to try and exploit by initiating an attack. Attacks can come in many different forms, and over time it is important to keep a history of the originating source of the attack, so we can monitor the behavior and patterns more closely and potentially use this data to block access as needed.

In the next recipe, you will learn how to store the source IP addresses of clients making erroneous web access requests as a lookup and flag them for suspect behavior. This new lookup will then be leveraged to filter a subsequent search.

Getting ready

To step through this recipe, you will need a running Splunk Enterprise server, with the sample data loaded from Chapter 1, Play Time - Getting Data In. You should be familiar with navigating the Splunk user interface.

How to do it...

Follow the steps in this recipe to create a lookup table of potentially malicious IP addresses:

  1. Log in to your...
lock icon The rest of the chapter is locked
arrow left Previous Section
Section 4 of 10
Next Section arrow right
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Authors (4)

Left arrow icon
Profile icon Josh Diakun
Josh Diakun
Josh Diakun is an IT operations and security specialist with a focus on creating data-driven operational processes. He has over 10 years of experience managing and architecting enterprise-grade IT environments. For the past 7 years, he has been architecting, deploying and developing on Splunk as the core platform for organizations to gain security and operational intelligence. Josh is a founding partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. He is also a co-founder of the Splunk Toronto User Group.
Read more
See other products by Josh Diakun
Profile icon Yogesh Raheja, Thinknyx Technologies
Yogesh Raheja, Thinknyx Technologies
LinkedIn icon Github icon
Thinknyx® Technologies is a recognized brand providing IT consulting & implementation services, delivering comprehensive Information Technology and Soft Skills Trainings and providing Talent Acquisition (Recruitment) solutions to diverse organizations worldwide. With over a decade of core industry experience, they have successfully aided their customers in strategic planning and flawless execution of solutions around IT and Non-IT initiatives. Yogesh Raheja is the Founder and a senior Solutions Architect at Thinknyx Technologies and an instructor of video courses. Yogesh has been a trusted advisor for numerous organizations, guiding them through their DevOps journey, infrastructure as code, containerization, cloud computing, Automation solutions and AI/ML/Generative AI with his expertise. He has also authored several globally published books (like "Effective DevOps with AWS", "Automation with SaltStack", "Automation with Puppet 5" and "Automation with Ansible") published by Packt, Wiley, and OrangeAVA.
Read more
See other products by Yogesh Raheja, Thinknyx Technologies
Profile icon Paul R. Johnson
Paul R. Johnson
Paul R Johnson has over 10 years of data intelligence experience in the areas of information security, operations, and compliance. He is a partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. Paul previously worked for a Fortune 10 company, leading IT risk intelligence initiatives and managing a global Splunk deployment. Paul co-founded the Splunk Toronto User Group and lives and works in Toronto, Canada.
Read more
See other products by Paul R. Johnson
Profile icon Derek Mock
Derek Mock
Derek Mock is a software developer and big data architect who specializes in IT operations, information security, and cloud technologies. He has 15 years' experience developing and operating large enterprise-grade deployments and SaaS applications. He is a founding partner at Discovered Intelligence, a company specializing in data intelligence services and solutions. For the past 6 years, he has been leveraging Splunk as the core tool to deliver key operational intelligence. Derek is based in Toronto, Canada, and is a co-founder of the Splunk Toronto User Group.
Read more
See other products by Derek Mock
Right arrow icon

Other recommended products

Related to this chapter
Left arrow icon
Splunk 7 Essentials
Splunk 7 Essentials
Read more
This book will uncover the new features in Splunk 7 along with the best practices. You will learn to build navigable search operations, perform intuitive statistical analysis and design visually appealing dashboards for your IT infrastructure. With practical scenarios, you'll be able to design cohesive Splunk apps and deploy it to Splunk cloud.
Read more
Mar 2018 7h 20m
Splunk 7.x Quick Start Guide
Splunk 7.x Quick Start Guide
Read more
Splunk is a leading platform and solution for collecting, searching, and extracting value from ever increasing amounts of big data – and big data is eating the world! This book covers all the crucial Splunk topics and gives you the information and examples to get the immediate job done. You will find enough insights to support further research for using Splunk to suit any business environment or situation.
Read more
Nov 2018 9h 56m
Mastering Splunk 8
Mastering Splunk 8
Read more
This book will cover Splunk's offerings to efficiently capture, index, and correlate data from a searchable repository all in real-time to generate insightful graphs, reports, dashboards, and alerts. Developers and architects alike can be in high demand if they become experts with this tool.
Read more
Dec 2020 15h 12m
Implementing Splunk 7
Implementing Splunk 7
Read more
This book will help you implement Splunk 7's new services and will show you how to utilize them to quickly and efficiently process machine-generated big data. You will explore Splunk Cloud and the Machine Learning Toolkit and use them with ease throughout your organization. By the end of the book, you will have learned to implement these services in your tasks at work.
Read more
Mar 2018 19h 12m
Right arrow icon
Visually different images

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Mathematics of Machine Learning
Mathematics of Machine Learning
Read more
Deepen your theoretical knowledge and enhance your ability to solve complex machine learning problems with structured guidance. Gain the confidence to engage with advanced ML literature and tailor algorithms to meet your project requirements.
Read more
May 2025 24h 20m
Generative AI with Python and PyTorch
Generative AI with Python and PyTorch
Read more
Learn how to create images and text using VAEs, GANs, LSTMs, and transformers. Implement applications in natural language processing and computer vision through practical tutorials.
Read more
Mar 2025 15h 0m
Practical Generative AI with ChatGPT
Practical Generative AI with ChatGPT
Read more
This book helps you unlock ChatGPT's potential to make your working life better. From prompt engineering to creating custom GPTs, you'll enhance your productivity, creativity, and efficiency with practical insights and advanced techniques.
Read more
Apr 2025 12h 52m
Generative AI with LangChain
Generative AI with LangChain
Read more
Gain a solid foundation in LangChain, agentic AI, and LangGraph, and learn to build production-ready systems with multi-agent architectures, advanced RAG pipelines, Tree of Thought reasoning, agent handoffs, and fine-grained error handling.
Read more
May 2025 15h 52m
Architecting Power BI Solutions in Microsoft Fabric
Architecting Power BI Solutions in Microsoft Fabric
Read more
Power BI provides several options to solve common data problems, and designing the correct solution for each scenario can be a daunting task. This book makes it easier by guiding you through designing optimal solutions using Power BI.
Read more
Apr 2025 14h 16m
Microsoft Identity and Access Administrator SC-300 Exam Guide
Microsoft Identity and Access Administrator SC-300 Exam Guide
Read more
This comprehensive guide covers key topics such as Microsoft Entra ID implementation, authentication and access management, external user management, and hybrid identity solutions, providing practical insights and techniques for SC-300 exam success.
Read more
Mar 2025 19h 48m
LLM Design Patterns
LLM Design Patterns
Read more
This book helps you gain practical skills to develop and deploy LLMs. You'll learn data prep, training, pruning, quantization, and evaluation, as well as explore RAG, advanced prompting, and optimization to build robust, scalable language models.
Read more
May 2025 17h 48m
Tableau Cookbook for Experienced Professionals
Tableau Cookbook for Experienced Professionals
Read more
Advance your Tableau knowledge beyond the basics, streamline dashboard performance, tackle advanced geospatial challenges, and unlock API potential while fortifying your corporate data infrastructure with proven best practices.
Read more
Apr 2025 12h 24m
Time Series Analysis with Spark
Time Series Analysis with Spark
Read more
This book offers a complete guide to time series analysis with Apache Spark and Databricks, covering essential concepts and advanced techniques including Generative AI to equip readers with skills for real-world challenges across industries.
Read more
Mar 2025 9h 56m
​Hands-On Artificial Intelligence for IoT
​Hands-On Artificial Intelligence for IoT
Read more
Transform IoT systems with the power of artificial intelligence using this hands-on guide. Dive into practical techniques and expert insights to innovate and optimize your IoT devices, making them smarter and more efficient.
Read more
May 2025 15h 44m
Right arrow icon