Using the Splunk rex and erex Commands with Field Extractions
Getting data into Splunk is hard enough. After uploading a CSV, monitoring a log file, or forwarding data for indexing, more often than not, the
Category: Splunk
Estimating Splunk License Sizes
What is a Splunk License? A Splunk license is a file that houses information about your license entitlement. This tells you what your abilities and
Event Sequencing in Splunk: Avoid Alert Fatigue
Working in the security space in Splunk, we’re all accustomed to the pressure of security alert management, and security analysts are on the front line
Splunk Calculated Fields and Aliases
A user-friendly search and analytics experience is critical to improving the usability of your data in Splunk. By creating calculated fields in Splunk, users can
The Splunker’s Guide to Forwarder Management
Splunk Forwarders are critical components for any Splunk environment, both for Splunk Enterprise running on-prem or Splunk Cloud. Forwarders are the critical element in any
Using Splunk Knowledge Objects
What is a knowledge object in Splunk? Splunk knowledge objects are a set of user-defined searches, fields, and reports that enrich your data and give
Splunk Event Types and Tags: How to Create & Use Them
In this tutorial, I’ll discuss the importance of creating event types and tags in Splunk. Creating event types and tags may seem simple, but
Splunk MLTK: What It Is And How It Works
What if there was a tool you could use to automate the time-consuming and nearly impossible parts of your job as a Splunk administrator? There
The “Magic 8” Configurations You Need in Splunk
When working in Splunk, you can earn major magician status with all of the magic tricks you can do with your data. Every magician
Splunk Choropleth Maps: A Guided Tutorial [+Video]
Splunk provides many visualizations to represent data. One of the most popular visualizations is the choropleth map which is best suited for location data. What