Book Image

Splunk Operational Intelligence Cookbook

Book Image

Splunk Operational Intelligence Cookbook

Overview of this book

This book is intended for users of all levels who are looking to leverage the Splunk Enterprise platform as a valuable operational intelligence tool. The recipes provided in this book will appeal to individuals from all facets of a business – IT, Security, Product, Marketing, and many more!
Table of Contents (12 chapters)
11
Index

Displaying the maximum number of concurrent sessions over time


In the past two recipes of this chapter, you leveraged a method of data summarization called summary indexing to summarize data into a new index, which you then reported on. In this recipe, you will use another method of data summarization known as report acceleration to speed up your report times.

In this recipe, you will create a report to look for the maximum number of concurrent sessions over a time period of 30 days. This report will then be accelerated to speed up the time taken to execute the search.

Getting ready

To step through this recipe, you will need a running Splunk Enterprise server, with the sample data loaded from Chapter 1, Play Time – Getting Data In. You should be familiar with navigating the Splunk user interface and using the Splunk search language.

How to do it...

Follow the steps in this recipe to leverage report acceleration to display the maximum number of concurrent sessions over time:

  1. Log in to your Splunk...