Splunk Best Practices
eBook - ePub

Travis Marlette

  1. 244 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS and Android
Book information

Design, implement, and publish custom Splunk applications by following best practices

About This Book

  • This is the most up-to-date guide on the market and will help you finish your tasks faster, easier, and more efficiently.
  • Highly practical guide that addresses common and not-so-common pain points in Splunk.
  • Want to explore shortcuts to perform tasks more efficiently with Splunk? This is the book for you!

Who This Book Is For

This book is for administrators, developers, and search ninjas who have been using Splunk for some time. Its comprehensive coverage makes this book great for Splunk veterans and newbies alike.

What You Will Learn

  • Use Splunk effectively to gather, analyze, and report on operational data throughout your environment
  • Expedite your reporting, and be empowered to present data in a meaningful way
  • Create robust searches, reports, and charts using Splunk
  • Modularize your programs for better reusability.
  • Build your own Splunk apps and learn why they are important
  • Learn how to integrate with enterprise systems
  • Summarize data for longer term trending, reporting, and analysis

In Detail

This book will give you an edge over others through insights that will help you in day-to-day instances. When you're working with data from various sources in Splunk and performing analysis on this data, it can be a bit tricky. With this book, you will learn the best practices of working with Splunk.

You'll learn about tools and techniques that will ease your life with Splunk, and will ultimately save you time. In some cases, it will adjust your thinking of what Splunk is, and what it can and cannot do.

To start with, you'll get to know the best practices to get data into Splunk, analyze data, and package apps for distribution. Next, you'll discover the best practices in logging, operations, knowledge management, searching, and reporting. To finish off, we will teach you how to troubleshoot Splunk searches, as well as deployment, testing, and development with Splunk.

Style and approach

If you're stuck or want to find a better way to work with the Splunk environment, this book will come in handy. This easy-to-follow, insightful book contains step-by-step instructions, examples, and scenarios that you will connect to.

Information

Year
2016
ISBN
9781785281396
Edition
1

Splunk Best Practices

Copyright © 2016 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: September 2016
Production reference: 1150916
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78528-139-6
www.packtpub.com

Credits

Author: Travis Marlette
Copy Editor: Safis Editing
Reviewer: Chris Ladd
Project Coordinator: Ulhas Kambali
Commissioning Editor: Veena Pagare
Proofreader: Safis Editing
Acquisition Editor: Tushar Gupta
Indexer: Tejal Daruwale Soni
Content Development Editor: Prashanth G Rao
Production Coordinator: Melwyn Dsa
Technical Editor: Murtaza Tinwala
Cover Work: Melwyn Dsa

About the Author

Travis Marlette has been working with Splunk since Splunk 4.0, and has over 7 years of statistical and analytical experience leveraging both Splunk and other technologies. He cut his teeth in the securities and equities division of the finance industry, routing stock market data and performing transactional analysis on stock market trading, as well as reporting security metrics for SEC and other federal audits.
His specialty is in IT operational intelligence, which makes up the lion's share of many major companies. Being able to report on security, system-specific, and proprietary application metrics is always a challenge for any company, and with the increase of IT in the modern day, having a specialist like this will become more and more prominent.
Working in finance, Travis has experience of working to integrate Splunk with some of the newest and most complex technologies, such as:
  • SAS
  • HIVE
  • Teradata (Data Warehouse)
  • Oozie
  • EMC (XtremIO)
  • Datameer
  • ZFS
  • Compass
  • Cisco (Security/Network)
  • Platfora
  • Juniper (Security and Network)
  • IBM WebSphere
  • Cisco Call Manager
  • Java Management Systems (JVM)
  • Cisco UCS
  • IBM MQ Series
  • FireEye
  • Microsoft Active Directory
  • Snort
  • Microsoft Exchange
  • F5
  • Microsoft – OS
  • MapR (Hadoop)
  • Microsoft SQL
  • YARN (Hadoop)
  • Microsoft SCOM
  • NoSQL
  • Linux (Red Hat / CentOS)
  • Oracle
  • MySQL
  • Nagios
  • LDAP
  • TACACS+
  • ADS
  • Kerberos
  • Gigamon
  • Telecom Inventory Management
  • Riverbed Suite
  • Endace
  • ServiceNow
  • JIRA
  • Confluence
Travis has been certified in a series of Microsoft, Juniper, Cisco, Splunk, and network security certifications. His knowledge and experience are truly his most valued currency, and this is demonstrated by every organization that has worked with him to reach their goals.
He has worked with Splunk installations that ingest 80 to 150 GB daily, as well as 6 TB daily, and has provided value to the companies he has worked with through each of the installations he has created. In addition, he also knows when a project sponsor or manager requires more information about Splunk and helps them understand what Splunk is, and how it can best bring value to their organization without over-committing.
According to Travis, "Splunk is not a 'crystal ball' that's made of unicorn tears, and bottled rainbows, granting wishes and immediate gratification to the person who possesses it. It’s an IT platform that requires good resources supporting it, and is limited only by the knowledge and imagination of those resources". With the right resources, that’s a good limitation for a company to have.
Splunk acts as a ‘Rosetta Stone’ of sorts for machines. It takes thousands of machines, speaking totally different languages all at the same time, and translates that into something a human can understand. This, by itself, is powerful.
His passion for innovating new solutions and overcoming challenges leveraging Splunk and other data science tools has been exercised and visualized every day in each of his roles. Those roles are cross-industry, ranging from Bank of New York and Barclays Capital to the Federal Government. Thus far, he and the teams he has worked with have taken each of these organizations further than they have ever been on their Splunk journey. While he continues to bring visibility, add value, consolidate tools, share work, perform predictions, and implement cost savings, he is also often mentioned as the most resourceful, reliable, and goofy person in the organization. Travis says “A new Splunk implementation is like asking your older brother to turn on a fire hose so you can get a drink of water. Once it’s on, just remember to breathe.”

About the Reviewer

Chris Ladd is a staff sales engineer at Splunk. He has been with Splunk for three years and has been a sales engineer for more than a decade. He has earned degrees from Southwestern University and the University of Houston. He resides in Chicago.

Preface

Within the working world of technology, there are hundreds of thousands of different applications, all (usually) logging in different formats. As a Splunk expert, our job is to make all those...
