Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Do you have any recommendations for freely available data, real or generated, that can be used to practice

Xandervzyl
Engager
‎09-26-2021 03:31 PM

I know this is a niche and rookie question, but maybe someone out there can provide some guidance. I'm quite new to Splunk. I have practiced inputting data and working with it in Fundamentals 1, but I believe inputting other types of data and working with it will be good in helping me learn.

I'm enjoying learning Spunk, but I lack a lot of experience in data analytics. I don't know where to start looking for good practice data.

I don't expect many people to have practice data readily available, even so, thank you for hearing me out.

Labels (7)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

bowesmana
SplunkTrust
SplunkTrust
‎09-26-2021 03:55 PM

There are various ways to get data to play with, the value will depend on the use case you're trying to explore

If you are on a windows machine, you can export windows event log data or you can create CSV data with a spreadsheet and just create some simple formulas to create dummy data

On *nix based machines, just look in /var/log

You can even use Splunk log files to play with from $SPLUNK_HOME/var/log/splunkd. That data can easily be imported to a new index and you can set up sourcetypes to do things with that.

Simple google for free datasets will give you numerous hits where you can get data to play with.

 

View solution in original post

Reply
Solved! Jump to solution
Solution

bowesmana
SplunkTrust
SplunkTrust
‎09-26-2021 03:55 PM

There are various ways to get data to play with, the value will depend on the use case you're trying to explore

If you are on a windows machine, you can export windows event log data or you can create CSV data with a spreadsheet and just create some simple formulas to create dummy data

On *nix based machines, just look in /var/log

You can even use Splunk log files to play with from $SPLUNK_HOME/var/log/splunkd. That data can easily be imported to a new index and you can set up sourcetypes to do things with that.

Simple google for free datasets will give you numerous hits where you can get data to play with.

 

Reply
Get Updates on the Splunk Community!

Infographic provides the TL;DR for the 2024 Splunk Career Impact Report

We’ve been buzzing with excitement about the recent validation of Splunk Education! The 2024 Splunk Career ...

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...