Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Prerequisites of Splunk

Tron-spectron47
Loves-to-Learn
‎03-12-2024 11:22 AM

if i had to write a document for myself on basic learning of splunk: to create a dashboard i can either use inputs like index,source,source fields or I can give a data set is that right? for that can i write it like this or am i wrong with side headings:

  1. Understanding of input data:  Explore different methods of data input into Splunk, such as ingesting data from files, network ports, or APIs.
  2. Understanding of Data domains : Discover how to efficiently structure your data in Splunk using data models to drive analysis.
Labels (1)
Labels
0 Karma
Reply

Tron-spectron47
Loves-to-Learn
‎03-13-2024 05:39 AM

I wanted to see what i captured is in right direction its for own sake,can i say like that like there are two ways for creating dashboard understand through inputs and other through data models?

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎03-13-2024 05:58 AM

Hi @Tron-spectron47,

everything in Splunk is a search, so you have to learn how to create a search, both using indexes or Data Models.

When you'll be able to create a search, you can save it in a dashboard or an alert or a report, but the starting point is always a search.

To start, you could follow the Splunk Search Tutorial https://docs.splunk.com/Documentation/Splunk/latest/SearchTutorial/WelcometotheSearchTutorial

Ciao.

Giuseppe

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎03-13-2024 12:13 AM

Hi @Tron-spectron47,

here you can find all the Splunk courses: https://www.splunk.com/en_us/training/course-catalog.html 

in details you should see these courses:

Splunk Enterprise System Administration chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://www.splunk.com/en_us/pdfs/training/splunk-enterprise-system-administration-course-descriptio...

Splunk Enterprise Data Administration chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://www.splunk.com/en_us/pdfs/training/splunk-enterprise-data-administration-course-description....

Data Models chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://www.splunk.com/en_us/pdfs/training/data-models-course-description.pdf

You can find the page to register in the first url.

Ciao.

Giuseppe

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Enterprise Security 8.0.2 Availability: On cloud and On-premise!

A few months ago, we released Splunk Enterprise Security 8.0 for our cloud customers. Today, we are excited to ...

Logs to Metrics

Logs and Metrics Logs are generally unstructured text or structured events emitted by applications and written ...

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...