Getting Started with Splunk


Presentation Transcript


Getting Started with Splunk

Name

Title

Date


Agenda

  • Getting Started (5 minutes)

  • Splunk at <Your Company> (5-10 minutes)

  • Orientation (15-20 minutes)

  • Getting Help (5-10 minutes)

  • Q & A (10-15 minutes)


Introductions

  • Who are you?

  • What is your role?

    • Where does your job start and end?

  • Who’s in the audience?

    • Have the audience introduce themselves

    • How much experience do they have with Splunk?

    • What do they hope to gain from the workshop?


Getting Started

  • How to access Splunk?

    • <Splunk URL>

    • <Credentials: LDAP or other?>

  • How to request access?

    • What is the new user onboarding process?

    • You have a process, right? ;)

  • What data is currently collected and available?

    • What is the new data onboarding process?

    • Please say you have a process


Splunk Environment

  • How is Splunk deployed?

    • Present a diagram of your Splunk deployment (example on next slide)

  • Splunk can be downloaded free and sets up in <5 minutes

    • The free version can be used as a sandbox to learn Splunk or test new configurations

    • Free version for home/personal use


<Your Company> Splunk Architecture

License Capacity: 500 GB/day

[Architecture diagram. Labels, top to bottom: Distributed Search and Summary Indexing Tier; Indexing Tier, x5; Forwarders or Forwarding Tier; Data Sources (proxy, laptops, desktops, syslog, firewall, config, applications, servers/VMs).]


<Your Company> Use Cases

Who is using Splunk (individual users or teams)?

What are they doing with Splunk?

Highlight success stories, cool challenges solved or interesting questions answered by Splunk.

Example: our CIO is able to track productivity using Splunk dashboards of web proxy data.

Poll the audience for their use cases.


Orientation

  • Provide a walkthrough of the Splunk UI

    • Show the Launcher

    • Show the Getting Started App

    • Show the Search App

      • cover the data (sourcetypes, hosts, sources)

      • run a simple search with wildcards/booleans

      • explain the timeline, search controls, filters

      • explain the time range picker (historic vs. real-time searches)

      • find the search in the Jobs manager

      • introduce search commands

      • explain fields and/or demo the interactive field extractor

      • show how to save and schedule searches

      • build a simple report

      • make a simple dashboard

    • Ask the audience for search ideas or questions they want answered


Orientation

  • Mention the existence of the CLI and REST APIs

  • Show other cool Apps

    • Show Apps you have installed

    • Example: use the GoogleMaps App to geolocate events

    • Download more from SplunkBase

    • Users can also build their own


Getting Help

Is there an internal wiki or website with more information?

Is there an internal mailing list users can ping?

Is there an internal chat list?

Are there team experts who can be leveraged?


Technical Help: Splunk Answers

  • http://answers.splunk.com

  • Community driven

  • Splunk supported

  • Knowledge exchange

  • Q & A


Technical Help: Splunk Documentation

  • http://docs.splunk.com

  • Official Product Docs

  • Wiki and community topics

  • Updated daily

  • Can be printed to .PDF


Splunk Education

  • Develop internal Splunk experts

  • Recommended for New Users

    • Using Splunk

    • Searching & Reporting

  • Recommended for Admins

    • Administering

    • Deploying Splunk

  • Recommended for UI/Dashboard Developers

    • Developing Apps


Splunk Events

  • Splunk User Groups

    • Community driven

    • Bootstrapped by Splunk

    • Occur every 2-3 months

    • Hosted locally

  • Splunk Live!

    • Worldwide customer events

    • Technical workshops for beginners and power users

    • Local Events held in LA, OC, San Diego, Phoenix yearly

  • Splunk User Conference

    • August 15-17 in San Francisco, CA

    • 5 tracks, more than 40 sessions, the smartest Splunk users together

    • May 13th early registration promotion

www.splunk.com > Events


Other Ways to Get Help


Q&A

  • Questions?

  • Looking Ahead

    • Was the workshop useful?

    • Get ideas for future workshops

    • Recruit someone in the audience to host a future workshop

    • Consider hosting a Search/Story of the Month contest


Thank You :)

