Analytics4All

Splunk: Overview of functionality


Splunk is great at analyzing large sets of unstructured data quickly and easily. To simulate working with a stream of data, I am using a log file I pulled from a server. You can download it here: event

Load this into Splunk using the data upload button. You can just hit Next through the remaining upload screens. The default settings work just fine for us.

With our data loaded, we can search through the data using keywords and wildcards.

But for something cool, click on the Patterns tab. This shows interesting patterns Splunk has sniffed out on its own.

Click on any of the Interesting Fields Splunk created from your data to see some interesting quick stats.

You can dig deeper into the Stats by picking one of the canned reports that appear in the pop-up window.

You can run visualizations from these reports.

Of course, you can change the visualization type from a simple menu.

The Statistics tab shows numeric stats based on the report/query you are working with.

If, while interacting, you find a search you want to keep or share, you can save its settings as a Report.

When you save the report, Splunk gives you a default option to add a Time Range Picker that will let you pick a time range next time you run the report.

I personally recommend playing with Splunk to get a better feel for it. What is so cool about it is how quickly and easily you can produce actionable analytics.

