Mastering Splunk 8: Become an expert at implementing the advanced features and capabilities of Splunk 8
Miller, James D.
Delve into Splunk and extend intelligence capabilities, and leverage machine learning to explore data efficiently
- Gain the expertise you need to implement the advanced features and capabilities of Splunk 8
- Get to grips with advanced Splunk features and create compelling reports and dashboards
- Develop and manage advanced Splunk pipelines to integrate intelligence capabilities within your organization
Splunk is the most widely used engine for working with machine-generated data. This expert-level guide will help you to leverage advanced use cases to drive business growth using operational intelligence and business analytics features.
You'll start with an introduction to the new features in Splunk 8 and cover step-by-step exercises that will help you to understand each feature in depth. Next, you'll explore key tasks such as workload management, performance and alerting, Splunk Enterprise Security, and advanced indexing. You'll also learn how to create categorical charts and run analytical operations on metrics within the Splunk Analytics workspace, before understanding how to deliver insights across your organization even when faced with limited or complex data using advanced data analytics. The book will also show you how to monitor and maintain Splunk environments using advanced dashboards. Later, you'll create custom data visualizations and update dashboards using drag and drop and the UI-based dashboard editor. Finally, you'll add SplunkJS to a web app and use the Splunk Machine Learning Toolkit (MLTK) as an extension to the core Splunk platform using real-world use cases.
By the end of this book, you'll have learned how to use various Splunk features to extend intelligence capabilities and perform machine learning to explore data effectively.
What You Will Learn
- Understand the components of Splunk 8 and how they work
- Convert distributed search environments to clusters and configure disaster recovery sites using index clustering
- Find out how to integrate Splunk with platforms such as AWS and Microsoft Azure
- Use Search Processing Language (SPL) within Splunk macros to create efficient searches
- Detect suspicious patterns in data with advanced event correlation searches
- Explore machine learning with Splunk MLTK
- Review the beta dashboard editor using working examples
- Use SplunkJS Stack libraries to enhance web apps
Who this book is for
This Splunk book is for data professionals, data analysts, and Splunk users looking to leverage the advanced features of the Splunk Enterprise platform to derive valuable business insights from machine data. The book is also a useful expert-level guide for individuals from all facets of IT, business, and security. Prior knowledge of Splunk and its features is mandatory to get the most out of this book.