Splunk Operational Intelligence Cookbook

Overview of this book

This book is intended for users of all levels who are looking to leverage the Splunk Enterprise platform as a valuable operational intelligence tool. The recipes provided in this book will appeal to individuals from all facets of a business – IT, Security, Product, Marketing, and many more!

Finding abnormally sized web requests


Identifying abnormalities within events is valuable for many reasons: it can reveal a resource issue, highlight malicious activity hidden within high volumes of events, or simply detect users attempting to interact with the application in a way it was not designed for. When building an Operational Intelligence application for your website, the ability to detect abnormal activities should be at the top of your list. After an issue has been identified and remediated and due diligence has been done, it is common to find that some abnormality in the system or application was an early indicator of the cause. Capitalize on these opportunities to capture the abnormalities and triage them accordingly.

In this recipe, you will create a Splunk search to highlight abnormal web requests based on the size of the request over a given time period. You will then present all findings in a tabular format.
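
The idea behind this recipe, sketched outside Splunk as an added example (it is not the book's search): parse access-log lines and tabulate the requests whose size lies more than three standard deviations from the mean. The z-score method, the threshold, the field names and the sample lines are assumptions constructed for illustration.

```python
import re
import statistics

# Apache combined-format prefix; field names here are this example's own choice.
LINE_RE = re.compile(
    r'^(?P<clientip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) (?P<bytes>\d+|-)'
)

def sample_lines():
    """Constructed data: 20 ordinary responses, one very large one, one with no size."""
    sizes = [2000 + 37 * i for i in range(20)] + [950000]
    lines = [
        f'192.0.2.{i + 1} - - [01/Jan/2024:10:00:{i:02d} +0000] '
        f'"GET /product?id={i} HTTP/1.1" 200 {size}'
        for i, size in enumerate(sizes)
    ]
    lines.append('192.0.2.99 - - [01/Jan/2024:10:01:00 +0000] "GET /health HTTP/1.1" 304 -')
    return lines

def parse(lines):
    """Yield one event per parsable line; a size of '-' carries no number and is skipped."""
    for line in lines:
        m = LINE_RE.match(line)
        if m and m["bytes"] != "-":
            event = m.groupdict()
            event["bytes"] = int(event["bytes"])
            yield event

def abnormal_requests(lines, threshold=3.0):
    """Return events whose size z-score exceeds the threshold, largest deviation first."""
    events = list(parse(lines))
    if len(events) < 2:
        return []                      # a standard deviation needs at least two samples
    sizes = [e["bytes"] for e in events]
    mean, stdev = statistics.mean(sizes), statistics.stdev(sizes)
    if stdev == 0:
        return []                      # every request has the same size: nothing stands out
    rows = [{**e, "z_score": round((e["bytes"] - mean) / stdev, 2)} for e in events]
    rows = [r for r in rows if abs(r["z_score"]) > threshold]
    return sorted(rows, key=lambda r: -abs(r["z_score"]))

if __name__ == "__main__":
    for row in abnormal_requests(sample_lines()):
        print(row["time"], row["clientip"], row["uri"], row["bytes"], row["z_score"])
```

With a sample standard deviation, the largest z-score any single event can reach among n events is (n - 1) / sqrt(n), so a threshold of 3 can never fire on fewer than 11 events; pick a time window that holds enough traffic.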

Getting ready...