Index
A
- Adaptive Security Appliance (ASA) firewall / IT operations and network security
- addtotals command / The addtotals command
- annotate action / The anomalousvalue command
- anomalies
- detection / Anomalies
- anomalies command
- using / The anomalies command
- anomalies detection
- about / Anomalies
- anomalies command, using / The anomalies command
- anomalousvalue command, using / The anomalousvalue command
- cluster command, using / The cluster command
- kmeans command, using / The kmeans command
- outlier command, using / The outlier command
- rare command, using / The rare command
- anomalousvalue command
- using / The anomalousvalue command
- appendcols command
- about / The appendcols command
- append command
- about / The append command
- appendpipe command
- about / The appendpipe command
- app key-value store
- about / The app key-value store
- system requirements / System requirements
- uses / Uses of the key-value store
- components / Components of the key-value store
- collections, managing via REST / Managing key-value store collections via REST
- examples / Examples
- replication / Replication of the key-value store
- architecture, Splunk
- about / Splunk's architecture
- pipeline / Splunk's architecture
- processors / Splunk's architecture
- parallelization, need for / The need for parallelization
- index parallelization / Index parallelization
- associate command
- using / The associate command
B
- button switcher
- about / Button switcher
- example / Example and implementation
- implementation / Example and implementation
C
- calendar heatmap visualization
- about / Calendar heatmap visualization
- example / Example
- Search query / Search query
- implementation / Implementation
- Call Detail Records (CDR) logs / IT operations and network security
- charts
- about / Charts
- coloring options / Charts – Coloring
- overlay / Chart overlay
- bubble charts / Bubble charts
- choropleth visualization / Geospatial visualization
- clean command
- about / The clean command
- cluster command
- using / The cluster command
- clusters / Distributed environment
- color modes
- about / Implementation
- sequential / Implementation
- categorical / Implementation
- divergent / Implementation
- comma-separated values (CSV) / Structured data
- comma delimiter / Delimiter
- contextual drilldown / Contextual drilldown
- contingency command
- using / The contingency command
- continuous scheduling / Intelligent job scheduling
- correlate command
- using / The correlate command
- correlation coefficient / The correlate command
- correlation commands
- about / Correlation
- correlate command / The correlate command
- associate command / The associate command
- diff command / The diff command
- contingency command / The contingency command
- crawl command
- about / The crawl command
- file parameter / The crawl command
- Network_Path parameter / The crawl command
- options parameter / The crawl command
- CSS (Cascading Style Sheet) / Tables – An icon set
- custom alert action
- about / The custom alert action
- alerting feature / What is alerting?, Alerting
- custom alert framework / The features
- implementation / Implementation
- example / Example
- custom alert action examples
- custom chart overlay
- about / Custom chart overlay
- example / Example
- implementation / Implementation
- custom CSS and JS
- used, for customizing Splunk / Custom look and feel
- using, example / Example and implementation
- implementation / Example and implementation
- custom decorations
- about / Custom decorations
- example / Example
- uses / What is the use of such custom decorations?
- implementation / Implementation
- customizations and formatting options, single value
- single value / Single value
- single value (label) / Single value
- single value (Sparkline and trend indicator) / Single value
- custom tokens
- about / Custom tokens
- example / Example
- implementation / Implementation
- Custom Visualizations app / Implementation
D
- dashboard components
- Splunk bar / Display controls
- App bar / Display controls
- Title bar / Display controls
- Edit bar / Display controls
- Footer / Display controls
- dashboard controls
- about / Dashboard controls
- HTML dashboard / HTML dashboard
- display controls / Display controls
- form input controls / Form input controls
- panel controls / Panel controls
- data
- adding, to Splunk / Adding data to Splunk – new interfaces
- about / Data and indexes
- data, accessing
- about / Accessing data
- index command / The index command
- eventcount command / The eventcount command
- datamodel command / The datamodel command
- dbinspect command / The dbinspect command
- crawl command / The crawl command
- data, managing
- about / Managing data
- input command / The input command
- delete command / The delete command
- clean command / The clean command
- summary indexing / Summary indexing
- data acceleration
- about / Data acceleration
- need for / Need for data acceleration
- data input methods
- about / Data input methods
- files and directories / Files and directories
- network sources / Network sources
- windows data / Windows data
- data input process
- improving / Improving the data input process
- data integrity control
- about / Data integrity control
- data model acceleration
- about / Data model acceleration
- datamodel command
- about / The datamodel command
- data_model_name parameter / The datamodel command
- object_name parameter / The datamodel command
- Search parameter / The datamodel command
- data processing
- about / Data processing
- event configuration / Event configuration
- timestamp configuration / Timestamp configuration
- host configuration / Host configuration
- data sources
- about / Data sources
- structured data / Structured data
- web and cloud services / Web and cloud services
- IT operations and network security / IT operations and network security
- databases / Databases
- application and operating system data / Application and operating system data
- DAX field / The trendline command
- dbinspect command
- about / The dbinspect command
- index parameter / The dbinspect command
- span parameter / The dbinspect command
- delete command
- about / The delete command
- Denial of Service (DOS) / The diff command
- diff command
- using / The diff command
- display controls
- about / Display controls
- example and implementation / Example and implementation
- syntax / Syntax
- distributed environment
- about / Distributed environment
- drilldown
- contextual drilldown / Contextual drilldown
- URL field value drilldown / The URL field value drilldown
- single value drilldown / Single value drilldown
- drilldown features
- about / Drilldown
- dynamic drilldown / Dynamic drilldown
- dynamic drilldown
- about / Dynamic drilldown
- x-axis or y-axis value, setting as token to form / The x-axis or y-axis value as a token to a form
- used, for passing row's specific column value / Dynamic drilldown to pass a respective row's specific column value
- used, for field name of clicked value / Dynamic drilldown to pass a fieldname of a clicked value
E
- eval command
- about / The eval command
- eval tokens
- about / Eval tokens
- syntax / Syntax of the eval token
- example / Example
- implementation / Implementation
- event configuration, data processing
- event line breaking / Event line breaking
- event configuration, data processing
- character encoding / Character encoding
- eventcount command
- about / The eventcount command
- index parameter / The eventcount command
- summarize parameter / The eventcount command
- report_size parameter / The eventcount command
- list_vix parameter / The eventcount command
- event pattern detection
- about / Event pattern detection
- event segmentation
- managing / Managing event segmentation
- event segmentation, types
- inner segmentation / Managing event segmentation
- outer segmentation / Managing event segmentation
- full segmentation / Managing event segmentation
- index-time segmentation / Managing event segmentation
- search-time segmentation / Managing event segmentation
- EXtensible Markup Language (XML) / Structured data
F
- failures
- about / Failures
- field extraction
- example / Example
- regular expression / Regular expression
- delimiter / Delimiter
- field extractor
- about / Field extractor
- accessing / Accessing field extractor
- using / Using field extractor
- fields
- about / Fields
- eval command / The eval command
- xmlkv command / The xmlkv command
- spath command / The spath command
- makemv command / The makemv command
- fillnull command / The fillnull command
- replace command / The replace command
- fields command
- about / The fields command
- filldown command
- about / The filldown command
- fillnull command
- about / The fillnull command
- force directed graph
- about / The force directed graph
- example / Example
- implementation / Implementation
- force directed graph, advantages
- good quality results / The force directed graph
- flexibility / The force directed graph
- simplicity / The force directed graph
- formatting and customization options, Splunk web console
- wrap result / Tables – Data overlay
- row numbers / Tables – Data overlay
- drilldown / Tables – Data overlay
- data overlay / Tables – Data overlay
- form input controls
- about / Form input controls
- example and implementation / Example and implementation
- Autorun / Example and implementation
- submit button / Example and implementation
- Search on change / Example and implementation
G
- geographical information
- adding / Geography and location
- adding, with iplocation command / The iplocation command
- adding, with geostats command / The geostats command
- geospatial visualization
- about / Geospatial visualization
- example / Example
- syntax / Syntax
- search query / Search query
- implementation / Implementation
- countries of the world / Implementation
- geostats command
- used, for adding geographical information / The geostats command
- GitHub
- reference link / Splunk with R for analytics
H
- head / tail command
- about / The head / tail command
- n parameter / The head / tail command
- Expression parameter / The head / tail command
- High Performance Analytics Store (HPAS) / Data model acceleration
- host configuration, data processing
- about / Host configuration
- static host value, configuring / Configuring a static host value – files and directories
- dynamic host value, configuring / Configuring a dynamic host value – files and directories
- host value, configuring / Configuring a host value – events
- HTTP Event Collector (EC)
- about / Adding data to Splunk – new interfaces, HTTP Event Collector
- and configuration / HTTP Event Collector and configuration
- configuring, via Splunk Web / Configuration via Splunk Web
- verifying / Configuration via Splunk Web
- Event Collector token, managing / Managing the Event Collector token
- JSON API format / The JSON API format
- HTTPS
- enabling, for Splunk Web / Enabling HTTPS for Splunk Web
- enabling, for Splunk forwarder / Enabling HTTPS for the Splunk forwarder
I
- icon set
- using / Tables – An icon set
- Identity Provider (IdP) provider / Authentication using SAML
- image overlay
- about / Image overlay
- example / Example
- uses / What is the use of image overlay?
- using, locations / Where can image overlay be used?
- implementation / Implementation
- index command
- about / The index command
- indexer auto-discovery
- about / Indexer auto-discovery
- example / Example
- implementing / Implementation
- sourcetype manager / Sourcetype manager
- indexes
- about / Data and indexes
- index parallelization
- about / Index parallelization
- index replication
- about / Index replication, Replication
- standalone environment / Standalone environment
- distributed environment / Distributed environment
- searching / Searching
- failures / Failures
- Input/output Operations Per Second (IOPS) / Index parallelization
- input command
- about / The input command
- inputcsv command
- about / The inputcsv command
- dispatch parameter / The inputcsv command
- append parameter / The inputcsv command
- events parameter / The inputcsv command
- filename parameter / The inputcsv command
- installation
- Splunk SDK / Installing the Splunk SDK
- Inter-quartile range (IQR) / The outlier command
- IP addresses / The rare command
- iplocation command
- used, for adding geographical information / The iplocation command
J
- JavaScript Object Notation (JSON) / Structured data
- job scheduling
- about / Intelligent job scheduling
- join command
- about / The join command
- JS (JavaScript) / Tables – An icon set
- JSON API format
- about / The JSON API format
- authentication / Authentication
- metadata / Metadata
- event data / Event data
K
- kmeans command
- using / The kmeans command
- KPI (Key Performance Indicators) / Example
L
- layout customization
- about / Layout customization
- panel width / Panel width
- example / Example
- grouping / Grouping
- panel toggle / Panel toggle
- image overlay / Image overlay
- Lightweight Directory Access Protocol (LDAP) / Splunk Enterprise Security
- link switcher
- about / Link switcher
- example and implementation / Example and implementation
- links / The Sankey diagram
- localize command
- about / The localize command
- Local Level (LL) / The predict command
- localop command
- about / The localop command
- Log4j-based logging / Application and operating system data
- Log Event feature / Enhanced alert actions
M
- machine learning
- about / Machine learning
- process / Machine learning
- makecontinuous command / The makecontinuous command
- makemv command
- about / The makemv command
- delim parameter / The makemv command
- tokenizer parameter / The makemv command
- setsv parameter / The makemv command
- maps visualization / Geospatial visualization
- master node / Distributed environment
- ML toolkit / Machine learning
- moving average (ema) / The trendline command
- moving averages
- using / The trendline command
- multi search management
- about / Multi-search management
- example / Example
- implementation / Implementation
N
- nodes / The Sankey diagram
- null search swapper
- about / Null search swapper
- example / Example
- implementation / Implementation
- reject and depends token / Implementation
- unset and set token / Implementation
O
- outlier command
- using / The outlier command
- outlier detection / Anomalies
- outputcsv command
- about / The outputcsv command
- append parameter / The outputcsv command
- create_empty parameter / The outputcsv command
- dispatch parameter / The outputcsv command
- singlefile parameter / The outputcsv command
- filename parameter / The outputcsv command
P
- panel controls
- examples and implementation / Example and implementation
- refresh time, enabling/disabling / Enabling/disabling refresh time
- manual refresh link, disabling / Disabling the manual refresh link
- auto refresh, enabling / Enabling auto refresh
- panel toggle
- about / Panel toggle
- example / Example
- implementation / Implementation
- panel width
- customizing / Panel width
- example / Example
- implementation / Implementation
- parallel coordinates
- about / Parallel coordinates
- example / Example
- search query / Search query
- implementation / Implementation
- parallelization
- need for / The need for parallelization
- index parallelization / Index parallelization
- search parallelization / Search parallelization
- pipeline parallelization / Pipeline parallelization
- peer node / Distributed environment
- persistent data model acceleration
- delimiter / Data model acceleration
- pipe-separated values (PSV) / Structured data
- pipeline / Splunk's architecture
- pipeline parallelization
- about / Pipeline parallelization
- point in polygon lookup / Geospatial visualization
- predict command
- using / The predict command
- prediction technique
- using / Predicting and trending
- predict command, using / The predict command
- Prelert Anomaly Detective App for Splunk / Anomalies
- processors / Splunk's architecture
- punchcard visualization
- about / Punchcard visualization
- example / Example
- search query / Search query
- implementation / Implementation
- Python
- Setuptools, download link / Installing the Splunk SDK
R
- rare command
- using / The rare command
- real-time scheduling / Intelligent job scheduling
- recursive search post process / Multi-search management
- reltime command
- about / The reltime command
- replace command
- about / The replace command
- replication factor / Distributed environment
- reporting commands
- about / Reports
- makecontinuous command / The makecontinuous command
- addtotals command / The addtotals command
- xyseries command / The xyseries command
- results
- about / Results
- fields command / The fields command
- searchtxn command / The searchtxn command
- head / tail command / The head / tail command
- inputcsv command / The inputcsv command
- outputcsv command / The outputcsv command
- R tool
- download link / The setup
S
- SAML
- used, for authentication / Authentication using SAML
- Sankey diagram
- about / The Sankey diagram
- uses / The Sankey diagram
- example / Example, Parallel coordinates
- implementation / Implementation
- scheduling
- real-time scheduling / Intelligent job scheduling
- continuous scheduling / Intelligent job scheduling
- search
- about / Search
- command / The search command
- sendmail command / The sendmail command
- localop command / The localop command
- search command
- about / The search command
- keywords parameter / The search command
- wildcards parameter / The search command
- key_value_pairs / fields parameter / The search command
- phrases parameter / The search command
- operators parameter / The search command
- logical_expression parameter / The search command
- regular_expression parameter / The search command
- time_specifiers parameter / The search command
- search factor / Distributed environment
- search heads / Distributed environment
- search history
- about / Search history
- search log / Search log
- Search on Change / Example and implementation
- search optimizations
- about / Search optimizations
- time range / Time range
- search modes / Search modes
- searching, scope / Scope of searching
- search, terms / Search terms
- search parallelization
- about / Search parallelization
- pipeline parallelization / Pipeline parallelization
- search scheduler / The search scheduler
- searchtxn command
- about / The searchtxn command
- Secure Socket Layer (SSL) / Splunk Enterprise Security
- Security Assertion Markup Language (SAML) / Splunk Enterprise Security
- sendmail command
- about / The sendmail command
- email_id(s) parameter / The sendmail command
- subject parameter / The sendmail command
- format parameter / The sendmail command
- inline parameter / The sendmail command
- sendpdf parameter / The sendmail command
- server parameter / The sendmail command
- sequences-sunburst / Implementation
- Setuptools / Installing the Splunk SDK
- simple moving average (sma) / The trendline command
- Single Sign-On (SSO) / Authentication using SAML
- single value drilldown / Single value drilldown
- single value visualization
- about / Single value
- sourcetype manager
- about / Sourcetype manager
- creating / Sourcetype manager
- modifying / Sourcetype manager
- deleting / Sourcetype manager
- Sparklines
- about / Tables – Sparkline
- color, filling / Sparkline – Filling and changing color
- color, changing / Sparkline – Filling and changing color
- max value indicator / Sparkline – The max value indicator
- bar style / Sparkline – A bar style
- spath command
- about / The spath command
- input parameter / The spath command
- output parameter / The spath command
- path parameter / The spath command
- Splunk
- using, with R for analytics / Splunk with R for analytics
- integrating, with R app / The setup
- R, using with / Using R with Splunk
- using with Tableau for visualization / Splunk with Tableau for visualization
- Splunk 6.4
- storage optimization / Storage optimization
- machine learning / Machine learning
- predict command, features / Machine learning
- management / Management and admin
- admin / Management and admin
- HTTP Event Collector / Management and admin
- search statistics / Management and admin
- I/O statistics / Management and admin
- Indexer / Indexer and search head enhancement
- search head enhancement / Indexer and search head enhancement
- visualization / Visualizations
- multi-search management / Multi-search management
- enhanced alert actions / Enhanced alert actions
- Send log events to Splunk receiver endpoint / Enhanced alert actions
- Splunk add-on
- packaging / Packaging the application
- installing, via Splunk Web / Installing a Splunk app via Splunk Web
- manual installation / Installing the Splunk app manually
- developing / Developing a Splunk add-on
- building / Building an add-on
- technology add-on, installing / Installing a technology add-on
- Splunk add-ons
- examples / What is a technology add-on?
- managing / Managing Splunk apps and add-ons
- settings / Managing Splunk apps and add-ons
- Splunk APIs
- about / Splunk APIs
- index, creating / Creating and deleting an index
- index, deleting / Creating and deleting an index
- input, creating / Creating input
- files, uploading / Uploading files
- saved searches / Saved searches
- Splunk searches / Splunk searches
- Splunk app
- about / What is a Splunk app?
- developing / Developing a Splunk app
- on-boarding data / Developing a Splunk app
- analytics / Developing a Splunk app
- visualization / Developing a Splunk app
- creating / Creating the Splunk application and technology add-on
- managing / Managing Splunk apps and add-ons
- Splunk apps, app store
- about / Splunk apps from the app store
- Splunk add-on for Oracle database / Splunk apps from the app store
- history analysis, browsing / Splunk apps from the app store
- Splunk add-on for Microsoft Azure / Splunk apps from the app store
- Splunk app for web analytics / Splunk apps from the app store
- Splunk app store
- download link / The setup
- Splunk buckets
- about / Splunk buckets
- hot bucket / Splunk buckets
- warm bucket / Splunk buckets
- cold bucket / Splunk buckets
- frozen bucket / Splunk buckets
- splunkd / Splunk's architecture
- splunkd log / splunkd log
- Splunk Enterprise Security (SES)
- about / Splunk Enterprise Security
- HTTPS, enabling for Splunk Web / Enabling HTTPS for Splunk Web
- HTTPS, enabling for Splunk forwarder / Enabling HTTPS for the Splunk forwarder
- password, securing with Splunk / Securing a password with Splunk
- access control list / The access control list
- Splunk Health
- about / Splunk health
- splunkd log / splunkd log
- search log / Search log
- Splunk Icon font / Example
- Splunk Machine Learning / Using R with Splunk
- Splunk SDK
- about / The Splunk SDK
- uses, scenarios / The Splunk SDK
- installing / Installing the Splunk SDK
- reference link / Installing the Splunk SDK
- download link / Installing the Splunk SDK
- for Python, download link / Installing the Splunk SDK
- download link, for Python / Installing the Splunk SDK
- for Python / The Splunk SDK for Python
- Splunk SDK, for Python
- about / The Splunk SDK for Python
- Splunk API, importing in Python / Importing the Splunk API in Python
- Splunk server, connecting / Connecting and authenticating the Splunk server
- Splunk server, authenticating / Connecting and authenticating the Splunk server
- Splunk APIs / Splunk APIs
- Splunk searches, modes
- normal mode / Splunk searches
- blocking mode / Splunk searches
- one-shot search mode / Splunk searches
- subsearch
- about / Subsearch
- append command / The append command
- appendcols command / The appendcols command
- appendpipe command / The appendpipe command
- join command / The join command
- summary indexing
- about / Summary indexing
- index_name parameter / Summary indexing
- File_name parameter / Summary indexing
- Host_name parameter / Summary indexing
- Source_name parameter / Summary indexing
- Sourcetype_name parameter / Summary indexing
- summary parallelization
- about / Summary parallelization
- sunburst sequence
- about / Sunburst sequence, What is a sunburst sequence?
- example / Example
- implementation / Implementation
- switcher
- about / Switcher
- link switcher / Link switcher
- button switcher / Button switcher
T
- Tableau
- setup / The setup
- download link / The setup
- using, with Splunk / Using Tableau with Splunk
- tabular output
- data overlay / Tables – Data overlay
- Sparklines / Tables – Sparkline
- icon set / Tables – An icon set
- technology add-on
- time
- about / Time
- reltime command / The reltime command
- localize command / The localize command
- Time Series Index (TSIDX) files / Splunk's architecture
- tokens
- about / Tokens
- capturing, ways / Tokens
- use cases / Tokens
- eval tokens / Eval tokens
- custom tokens / Custom tokens
- transform action / The outlier command
- trending technique
- trendline command, using / The trendline command
- x11 command, using / The x11 command
- trendline command
- using / The trendline command
- tsidx Retention Policy feature / Storage optimization
U
- URL field value drilldown / The URL field value drilldown
- use cases, custom alert action
- use cases, tokens
V
- visualization
- configuration settings / Prerequisites – configuration settings
- visualization grouping
- about / Grouping
- example / Example
- single-value grouping / Single-value grouping
- visualization grouping / Visualization grouping
- implementation / Implementation
- Visualizations tab, Splunk 6.4
- timeline, reference link / Visualizations
- status indicator, reference link / Visualizations
- horizon charts, reference link / Visualizations
- treemap, reference link / Visualizations
- bullet graph, reference link / Visualizations
- location tracker, reference link / Visualizations
W
- weighted moving average (wma) / The trendline command
X
- x11 command
- using / The x11 command
- xmlkv command
- about / The xmlkv command
- xyseries command / The xyseries command