1) Using the pivot interface
2) Run basic searches
3) Using fields in searches
4) Creating reports
Information collected from the logs
- Apache logs from the public web site, recording customer interactions with the store
- Linux logs of logins and failed logins
- Logs of sales to distributors
Roles and responsibilities are to gather data and statistics and report on:
- Security
- IT operations
- Business intelligence, etc.
- Application management
- Operations management
- Security and compliance
- and the rest
The first task is to index the data.
Once the data is indexed, we move on to the next phase: search and investigate.
We need to investigate what the problem is and where it is.
The full workflow:
- Index the data
- Search and investigate the issue from the data that has been indexed
- Add the knowledge that is required, based on the investigation
- Monitor and alert
- Report and analyze, which is the final part
==============================================
Knowledge objects
—————————————
Knowledge objects make your data more robust, providing ways to interpret, classify, enrich and normalize your events.
- We create knowledge objects to add value to your data
- Knowledge objects can be reused and shared
Click Settings to access your knowledge objects
KOs enhance your productivity in many ways:
- Speed
- Reuse
- Quality
- Depth
Speed - Reports give you previously created searches, saving typing time and allowing you to execute searches without knowledge of the search language
Splunk users are assigned roles
The roles determine the capabilities and data access
- Admin
- Power
- User
Splunk administrators can create additional roles
=========================================
Apps allow different workspaces, tailored to a specific use case or user role, to exist on a single Splunk instance
This class focuses on the Search and Reporting app (also called the Search app)
Administrators can install additional apps to your Splunk instance from
http://apps.splunk.com
=========================================
Search: To navigate your data using an ordered group of terms and values
Event: Searches return events. An event is a single piece of data (i.e. a record in a log file or other data input)
Field: Searchable name/value pair in event data. Fields give you more precision in searches.
Data Model: An abstract visual layer between the user and the raw data which makes it easier to interact with the data
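An added example (not part of the original notes) tying the terms above to the Linux failed-login logs: the first line is a search that returns matching events, `rex` turns parts of each event into fields, and the remaining commands use those fields to build a report that could also drive an alert. The index name `main`, the sourcetype `linux_secure`, the field names `user` and `src_ip`, and the threshold of 5 are assumptions chosen for illustration; adjust them to your own data.

```spl
index=main sourcetype=linux_secure "Failed password"
| rex "Failed password for (invalid user )?(?<user>\S+) from (?<src_ip>\S+) port"
| stats count AS failures dc(user) AS distinct_users BY src_ip
| where failures >= 5
| sort - failures
```

Saved as a report, this search can be rerun without retyping it; scheduled as an alert, it covers the monitor and alert step of the workflow.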