更新时间:2021-07-16 13:35:25
封面
版权信息
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Chapter 1. The Splunk Interface
Logging into Splunk
The home app
The top bar
The search & reporting app
Using the time picker
Using the field picker
The settings section
Summary
Chapter 2. Understanding Search
Using search terms effectively
Boolean and grouping operators
Clicking to modify your search
Using fields to search
Using wildcards efficiently
All about time
Making searches faster
Sharing results with others
Search job settings
Saving searches for reuse
Creating alerts from searches
Chapter 3. Tables Charts and Fields
About the pipe symbol
Using top to show common field values
Using stats to aggregate values
Using chart to turn data
Using timechart to show values over time
Working with fields
Chapter 4. Data Models and Pivots
What is a data model?
What does a data model search?
Creating a data model
Lookup attributes
What is a pivot?
A quick example
Sparklines
Chapter 5. Simple XML Dashboards
The purpose of dashboards
Using wizards to build dashboards
Converting the panel to a report
Back to the dashboard
Editing XML directly
UI examples app
Building forms
Features replaced
Autorun dashboard
Scheduling the generation of dashboards
Chapter 6. Advanced Search Examples
Using subsearches to find loosely related events
Using transaction
Determining concurrency
Calculating events per slice of time
Rebuilding top
Acceleration
Chapter 7. Extending Search
Using tags to simplify search
Using event types to categorize results
Using lookups to enrich data
Using macros to reuse logic
Creating workflow actions
Using external commands
Chapter 8. Working with Apps
Defining an app
Included apps
Installing apps
Building your first app
Editing navigation
Customizing the appearance of your app
Object permissions
The app directory structure
Chapter 9. Building Advanced Dashboards
Reasons for working with advanced XML
Reasons for not working with advanced XML
The development process
The advanced XML structure
Converting simple XML to advanced XML
Module logic flow
Understanding layoutPanel
Reusing a query
Using intentions
Creating a custom drilldown
Third-party add-ons
Chapter 10. Summary Indexes and CSV Files
Understanding summary indexes
When to use a summary index
When not to use a summary index
