Using the map Command
When it comes to correlating information in searches to uncover unique patterns, there are several Splunk commands are commonly employed. For instance, you might opt
Tag: Splunk
Storing Event Data Into Metrics Indexes
This article is split into a nine part series to improve readability – this third installment in the series covers how to store event data
Creating Metrics Indexes
This topic is split into a nine-part series to improve readability – this second installment covers how to create a metrics index. Parts 1-3 of
Events vs Metrics Indexes
This topic is split into a nine-part series to improve readability – this is the first installment in the series. Parts 1-3 of this series
Using the mvjoin Command
Data that has multiple values in a single field can be difficult to view in a report. Using the mvjoin command from Splunk’s Search Processing
Using the coalesce Command
Data fields that have similar information can have different field names. While the Splunk Common Information Model (CIM) exists to address this type of situation,
Preparing for Splunk Certifications
When it comes to preparing for Splunk Certification exams, there are two questions I see in the Splunk community this post will address: “I’m going
Reducing Costs with Splunk
As of the writing of this post, we are arguably in turbulent times. Publicly traded companies have recently entered a bear market, crypto currencies are