Re: Is there a good book for learning Splunk queri...

cosmo360 · ‎10-04-2018

Hi,
Can someone suggest a good way (or a real good book) on how to learn splunk queries. any suggestions would be appreciated.

Thanks

ppablo · ‎10-08-2018

This community-run site called GoSplunk is a pretty cool resource for people to check out Splunk searches contributed by other users. You should be able to get some ideas on how certain commands work and edit according to your own fields/values.
https://gosplunk.com/

ChrisG · ‎10-04-2018

Here are some previous posts with good suggestions:

brianMiller94 · ‎10-04-2018

I read these two books on amazon to get started:

Advanced Splunk
https://www.amazon.com/gp/product/1785884352/ref=oh_aui_search_detailpage?ie=UTF8&psc=1

Splunk Operational Intelligence Cookbook - Second Edition
https://www.amazon.com/gp/product/1785284991/ref=oh_aui_search_detailpage?ie=UTF8&psc=1

Thanks!

Azeemering · ‎10-04-2018

https://www.splunk.com/pdfs/ebooks/exploring-splunk.pdf

Is there a good book for learning Splunk queries?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation