Book Image

Mastering Splunk

By : James D. Miller
Book Image

Mastering Splunk

By: James D. Miller

Overview of this book

Table of Contents (18 chapters)
Mastering Splunk
About the Author
About the Reviewers

General concepts

In this book, we started out by defining what Splunk is and what we believe it is becoming. In addition, we took a walkthrough of how to obtain and install Splunk and once installed, we covered searching, tables, charts, and fields as well as covered how to implement lookups, dashboards, indexing, apps, monitoring, and transactions.

At this point, you should be comfortable with all of this—which is referred to as "tactical Splunk". Now, it is time to discuss Splunk from a strategic (or enterprise) perspective. When we say strategic, we mean doing things in a proven way and specifically looking for opportunities to gain an edge through the development and management of Splunk knowledge and knowledge objects. This viewpoint is well defined in the much written about Capability Maturity Model (which is discussed later in this chapter, in the A Structured Approach section) and generally explains the progression of an organization's perspective from tactical to strategic.