Splunk search query examples

Ghanayem1974
Path Finder

I am new to Splunk and was wondering if anyone has a document they don't mind sharing detailing "example search queries" as a starting point? Any help would be appreciated. Thanks.

0 Karma
1 Solution

niketn
Legend

@Ghanayem1974, you can refer to the Splunk Search Tutorial, with mock data and step-by-step instructions for creation of a Splunk dashboard.

http://docs.splunk.com/Documentation/Splunk/latest/SearchTutorial/AboutgettingdataintoSplunk

For various Splunk commands and examples, you can refer to the Splunk documentation itself, where they are listed on the left side. http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Search

For starting with creation of dashboards with examples you can refer to Splunk Dashboard Examples App from Splunkbase: https://splunkbase.splunk.com/app/1603/

You should also go through Splunk Search Fundamentals 1 course for learning Splunk https://www.splunk.com/view/SP-CAAAPX9

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

hagjos43
Contributor

I'll self promote here. Sorry, not sorry.

Go check out https://gosplunk.com for a repository of queries shared by a bunch of users.

Another site bbosearch has a few queries as well.

~Joe

mayurr98
Super Champion

In addition to the course, why don't you start with getting data in and do things practically with the help of this beautiful doc:
http://docs.splunk.com/Documentation/Splunk/7.0.1/Search/GetstartedwithSearch

0 Karma

micahkemp
Champion

I suggest looking at the Splunk Fundamentals 1 course, which is free:

https://www.splunk.com/view/SP-CAAAPX9

0 Karma