Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Prerequisites of Splunk

Tron-spectron47
Loves-to-Learn
‎03-12-2024 11:22 AM

if i had to write a document for myself on basic learning of splunk: to create a dashboard i can either use inputs like index,source,source fields or I can give a data set is that right? for that can i write it like this or am i wrong with side headings:

  1. Understanding of input data:  Explore different methods of data input into Splunk, such as ingesting data from files, network ports, or APIs.
  2. Understanding of Data domains : Discover how to efficiently structure your data in Splunk using data models to drive analysis.
Labels (1)
Labels
0 Karma
Reply

Tron-spectron47
Loves-to-Learn
‎03-13-2024 05:39 AM

I wanted to see what i captured is in right direction its for own sake,can i say like that like there are two ways for creating dashboard understand through inputs and other through data models?

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎03-13-2024 05:58 AM

Hi @Tron-spectron47,

everything in Splunk is a search, so you have to learn how to create a search, both using indexes or Data Models.

When you'll be able to create a search, you can save it in a dashboard or an alert or a report, but the starting point is always a search.

To start, you could follow the Splunk Search Tutorial https://docs.splunk.com/Documentation/Splunk/latest/SearchTutorial/WelcometotheSearchTutorial

Ciao.

Giuseppe

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎03-13-2024 12:13 AM

Hi @Tron-spectron47,

here you can find all the Splunk courses: https://www.splunk.com/en_us/training/course-catalog.html 

in details you should see these courses:

Splunk Enterprise System Administration chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://www.splunk.com/en_us/pdfs/training/splunk-enterprise-system-administration-course-descriptio...

Splunk Enterprise Data Administration chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://www.splunk.com/en_us/pdfs/training/splunk-enterprise-data-administration-course-description....

Data Models chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://www.splunk.com/en_us/pdfs/training/data-models-course-description.pdf

You can find the page to register in the first url.

Ciao.

Giuseppe

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...