Imperial Library
Index
Cover
Title
Copyright
Dedication
Contents at a Glance
Contents
About the Authors
About the Technical Reviewer
Acknowledgments
Chapter 1: Big Data and Splunk
What Is Big Data?
Alternate Data Processing Techniques
What Is Splunk?
About This Book
Chapter 2: Getting Data into Splunk
Variety of Data
How Splunk deals with a variety of data
Files & Directories
Data Generator
Generate Sample Data
Network Sources
Windows data
Other Sources
Apps and Add-ons
Forwarders
Summary
Chapter 3: Processing and Analyzing the Data
Getting to Know Combined Access Log Data
Searching and Analyzing Indexed Data
Reporting
Which Are the Top Browsers?
Top Five IP Addresses
Which Are the Top Referral Web Sites?
How Many Events Have HTTP 404 Status?
How Many Events Have Purchase Action?
List of Products That Are Part of a Purchase
Sorting
Filtering
Adding and Evaluating Fields
Grouping
Summary
Chapter 4: Visualizing the Results
Data Visualization
How Splunk Deals with Visualization
Chart
Chart the Number of GET and POST for Each Host
Chart the Purchases and Views for Each Product Category
Which Product Categories Are Affected by HTTP 404 Errors?
Purchasing Trend for MyGizmoStore.com
Duration of Transactions
Timechart
Top Purchases by Product
Page Views and Purchases
Visualization Using Google Maps App
Globe
Dashboards
Summary
Chapter 5: Defining Alerts
What Are Alerts?
How Splunk Provides Alerts
Alert based on product sales
Alert on failed logins
Alerts on critical errors in log files
Summary
Chapter 6: Web Site Monitoring
Monitoring web sites
IT Operations
Hits by host
Hits by host without internal access
Traffic with good HTTP status
Traffic with bad HTTP status
Top pages by bad HTTP status
Business
User demographics by region
Bounce rate
Unique visitors
Summary
Chapter 7: Using Log Files To Create Advanced Analytics
Traditional Analytics
A Paradigm Change
Semantic Logging
Logging Best Practices
Summary
Chapter 8: The Airline On-Time Performance Project
Summary
Chapter 9: Getting the Flight Data into Splunk
Working with CSV Files
The Flight Data
Downloading the Data
Getting to Know the Flight Data
Timestamp Considerations
Mapping Fields to a Timestamp
Indexing All the Flight Data
Indexing Data from a Relational Database
Defining a New Database Connection
Database Monitoring
Summary
Chapter 10: Analyzing Airlines, Airports, Flights, and Delays
Analyzing Airlines
Counting Airlines
Visualizing Results
Analyzing Airports
Analyzing Flights
Analyzing Delays
Delays by Airline
Causes of Delays by Airport
Winter versus Summer Delays
Creating and Using Macros
Report Acceleration
Accelerating Statistics
Summary
Chapter 11: Analyzing a Specific Flight Over the Years
Airline Names
Automating Field Lookups
Creating Lookup Tables from Searches
United Flight 871
Summary
Chapter 12: Analyzing Tweets
Tapping the Sample Stream
Loading the Tweets into Splunk
A Day in Twitter
Most Popular Words
Real-Time Twitter Trends
Summary
Chapter 13: Analyzing Foursquare Check-Ins
The Check-In Format
Reverse Geocoding
Time Zone Considerations
Loading the Check-Ins
Analyzing the Check-Ins
The Sunday Brunch Search
Google Maps and the Top Venue
Check-Ins Patterns of a Venue
Venues by Number of Check-Ins
Analyzing Gender Activities
Summary
Chapter 14: Sentiment Analysis
Opinions, Views, Beliefs, Convictions
Commercial Uses
The Technical Side of Sentiment Analysis
The Sentiment Analysis App
Globally Enabling Commands
Finding Sentiments
Dealing with Languages
Training and Testing Data
The World Sentiment Indicator Project
Collecting the RSS Feeds
Indexing the Headlines into Splunk
Defining the Sentiment Corpus
Visualizing the Results
Summary
Chapter 15: Remote Data Collection
Forwarders
Popular Topologies
Installing a Forwarder
Deployment Server
Configuring the Deployment Server
Configuring the Forwarders
Deployment Monitor
Summary
Chapter 16: Scaling and High Availability
Scaling Splunk
Clustering
Setting up a Cluster
Summary
Appendix A: The Performance of Splunk
Types of Searches
Search Performance Profiles
Needle in the Haystack
Distributed Searches
Indexing Performance
Disk Speed and Searches
Understanding your Splunk Environment
Most Expensive Searches
Historic Run Times
Categorizing Searches
Search Head Performance
Summary
Appendix B: Useful Splunk Apps
Splunk Apps
Splunk for Oracle WebLogic Server
Splunk Hadoop Connect
Splunk App for Microsoft Exchange
Technology Add-on for Microsoft SQLServer 2012 and 2008r2
Splunk App for AWS usage tracking
Splunk for FISMA
Splunk App for PCI Compliance
Splunk App for Enterprise Security
Splunk for RSA SecurID Appliances
Splunk App for VMWare
Splunk App for HadoopOps
Splunk App for Active Directory
Splunk on Splunk (S.o.S)
Splunk for Nagios
Splunk App for Snort
Cisco Security Suite
Splunk for Palo Alto Networks
Splunk for Juniper Firewalls
Splunk for Barracuda Networks Web Application Firewall
Index