
mastering splunk

Path Finder

I'm new to this.

I want to know how much time it takes to learn how to use Splunk and its functionalities.

Thanks


Re: mastering splunk

Motivator

Here, the Splunk Tutorial is a good place to start and it will get you through most of Splunk's features.


Re: mastering splunk

Influencer

@Sarah89,

You should start looking through the docs provided by MarioM. It also helps to give yourself a task whilst learning (e.g. wanting to monitor disk space); this way you can follow the process from start to finish. For example, on a Linux installation this could be:

  1. Data: Create a simple bash script that calls the command "df -m"
  2. Inputs: Set this up as a scripted input in Splunk to run every 30 seconds
  3. Searching: Craft a search to show free space for each filesystem
  4. Reports: Plot it in a pie chart (e.g. Free space over Capacity)
  5. Dashboard: Add the pie chart to a dashboard.
  6. Alerts: Create an alert, to notify you when a device reaches 80% utilisation

You should also jump on the IRC chat channel "#splunk" (link: http://www.splunk.com/view/SP-CAAACDF), as there are many helpful and friendly users there, so you'll be able to get a quick answer to simple queries.

Hope this helps

MHibbin
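Steps 1 and 2 of the exercise above, with the 80% check from step 6 precomputed as a field, as an added example that is not part of the original thread and is not Splunk's own code. The script name `diskfree.sh`, the sourcetype `df_metrics`, the field names and the sample `df` output are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: scripted-input script for the disk-space exercise.
# Assumed names (not from the thread): diskfree.sh, sourcetype df_metrics, field names.
#
# Matching inputs.conf stanza for step 2, assuming the script is in an app's bin/ directory:
#   [script://./bin/diskfree.sh]
#   interval = 30
#   sourcetype = df_metrics

# Constructed sample of `df -P -m` output, used only to exercise format_df offline.
SAMPLE_DF='Filesystem 1048576-blocks Used Available Capacity Mounted on
/dev/sda1 50000 41000 9000 82% /
tmpfs 2000 0 2000 0% /dev/shm
/dev/mapper/vg0-data 200000 100000 100000 50% /srv/my data'

# format_df THRESHOLD: read `df -P -m` output on stdin and emit one key=value
# event per filesystem, which Splunk extracts as fields at search time.
# -P (POSIX format) keeps each filesystem on a single line even when the
# device name is long; plain `df -m` may wrap such entries onto two lines.
format_df() {
    awk -v threshold="${1:-80}" 'NR > 1 && NF >= 6 {
        pct = $5; sub(/%$/, "", pct)
        # Mount points may contain spaces: rejoin fields 6..NF.
        mount = $6
        for (i = 7; i <= NF; i++) mount = mount " " $i
        status = (pct + 0 >= threshold) ? "over_threshold" : "ok"
        printf "filesystem=\"%s\" mount=\"%s\" total_mb=%s used_mb=%s free_mb=%s used_pct=%s status=%s\n",
               $1, mount, $2, $3, $4, pct, status
    }'
}

# Live run: this is the output Splunk indexes every 30 seconds.
df -P -m | format_df 80
```

With events in this shape, the search in step 3 and the alert in step 6 can work directly on the `free_mb`, `used_pct` and `status` fields.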


Re: mastering splunk

Path Finder

Thanks for your answer. I started with the user manual and I finished it,

and now I'm using the distributed deployment manual for deploying topologies and forwarders.
It's very interesting.

0 Karma

Re: mastering splunk

Influencer

Cool, good luck! It's fairly simple once you've done it a few times (I think!)

0 Karma

Re: mastering splunk

Splunk Employee

For the search language, don't forget the search cheat sheet and PDF reference:

http://www.innovato.com/splunk/

http://www.innovato.com/splunk/RefCard.pdf


Re: mastering splunk

Influencer

It should probably also be noted... Splunk is such a vast and "deep" platform that you can never truly "master" it. I'm sure even some of the Splunk "veterans" do not know everything in the world of Splunk.

0 Karma

Re: mastering splunk

Path Finder

Well, thanks a lot for your answers.

0 Karma

Re: mastering splunk

Path Finder

For forwarding, can someone explain the basic procedure to me, using universal forwarding?

PS: I followed all the steps mentioned in the distributed deployment manual, but it doesn't seem to work.

Please, can someone help?

0 Karma