Book Image

Learning Hunk

By : Dmitry Anoshin, Sergey Sheypak
Book Image

Learning Hunk

By: Dmitry Anoshin, Sergey Sheypak

Overview of this book

Hunk is the big data analytics platform that lets you rapidly explore, analyse, and visualize data in Hadoop and NoSQL data stores. It provides a single, fluid user experience, designed to show you insights from your big data without the need for specialized skills, fixed schemas, or months of development. Hunk goes beyond typical data analysis methods and gives you the power to rapidly detect patterns and find anomalies across petabytes of raw data. This book focuses on exploring, analysing, and visualizing big data in Hadoop and NoSQL data stores with this powerful full-featured big data analytics platform. You will begin by learning the Hunk architecture and Hunk Virtual Index before moving on to how to easily analyze and visualize data using Splunk Search Language (SPL). Next you will meet Hunk Apps which can easy integrate with NoSQL data stores such as MongoDB or Sqqrl. You will also discover Hunk knowledge objects, build a semantic layer on top of Hadoop, and explore data using the friendly user-interface of Hunk Pivot. You will connect MongoDB and explore data in the data store. Finally, you will go through report acceleration techniques and analyze data in the AWS Cloud.

Related Content you might be interested in

Current Title:

Small book image
Learning Hunk
Dmitry Anoshin | Sergey Sheypak
Dec, 2015 | 156 pages
No titles found
Table of Contents (14 chapters)
Learning Hunk
Learning Hunk
Credits
Credits
About the Authors
About the Authors
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Meet Hunk
Meet Hunk
Big data analytics
The big problem
The elegant solution
Getting to know Hunk
Hunk architecture
Setting up Hadoop
Starting the VM and cluster in VirtualBox
Big data use case
Summary
2
Explore Hadoop Data with Hunk
Explore Hadoop Data with Hunk
Setting up Hunk
Exploring data
Controlling security with Hunk
Summary
3
Meeting Hunk Features
Meeting Hunk Features
Knowledge objects
Introducing Pivot
Summary
4
Adding Speed to Reports
Adding Speed to Reports
Big data performance issues
Hunk report acceleration
Hunk accelerations limits
Summary
5
Customizing Hunk
Customizing Hunk
What we are going to do with the Splunk SDK
Dashboard customization using Splunk Web Framework
A description of time-series aggregated CDR data
Implementation
Custom map components
The final result
Summary
6
Discovering Hunk Integration Apps
Discovering Hunk Integration Apps
What is Mongo?
Counting by shop in a single collection
Counting events in all collections
Summary
7
Exploring Data in the Cloud
Exploring Data in the Cloud
An introduction to Amazon EMR and S3
Integrating Hunk with EMR and S3
Converting Hunk from an hourly rate to a license
Summary
Index
Index

Hunk report acceleration

We can easily accelerate our searches, which is critical for business. The idea behind Hunk is easy: the same search on the same data always gives the same result. In other words, same search + same data = same results. In the case of acceleration, Hunk caches the results and returns them on demand. Moreover, it gives us the opportunity to choose a data range for a particular data summary. In other words, if the data change is due to a fresh portion of events, then the accelerated report will rebuild the data summary in order to meet the requirements of the particular data range. Technically, we just cache the map phase in HDFS. When we run the accelerated search, Hunk just returns straight to us. There are four main steps in running an accelerated search:

  1. The scheduled job builds a cache.

  2. Find cache hits.

  3. Stream the results to a search head.

  4. Reduce on the search head.

Tip

There is more information about search heads at: http://docs.splunk.com/Splexicon:Searchhead.

The...

Previous Section
End of Section 3
Next Section