There are a number of text conventions used throughout this book.
CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "You can either do it using the following icacls command or change it using the Windows GUI"
A block of code is set as follows:
SPL> index=main earliest=-1h latest=now | stats count(eval(if(http_status_code < "400", 1, NULL))) AS successful_requests count(eval(if(http_status_code >= "400", 1, NULL))) AS unsuccessful_requests by http_status_code
When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:
016-07-21 23:58:50:227303,96.32.0.0,GET,/destination/LAX/details,-,80, -,10.2.1.33,Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML; like Gecko) Chrome/29.0.1547.76 Safari/537.36,500,0,0,823,3053
Any command-line input or output is written as follows:
Windows: C:> dir C:\Splunk\etc\apps\SA-Eventgen
Linux: ls -l /$SPLUNK_HOME/etc/apps/
Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "On the Server controls page, click on the Restart Splunk button. Click on OK when asked to confirm the restart."