SlideShare una empresa de Scribd logo

SplunkGettingStartedWorkshop.pptx

Descargar como PPTX, PDF
C
Cazlp1

Splunk Presentation Template

Tecnología
1 de 17
Copyright © 2011, Splunk Inc. Listen to your data. Date Name Title Getting Started with Splunk
Copyright © 2011, Splunk Inc. Listen to your data. Agenda 2 • Getting Started (5 minutes) • Splunk at <Your Company> (5-10 minutes) • Orientation (15-20 minutes) • Getting Help (5-10 minutes) • Q & A (10-15 minutes)
Copyright © 2011, Splunk Inc. Listen to your data. Introductions 3 • Who are you? • What is your role? – Where does your job start and end? • Who’s in the audience? – Have the audience introduce themselves? – How much experience do they have with Splunk? – What do they hope to gain from the workshop?
Copyright © 2011, Splunk Inc. Listen to your data. Getting Started 4 • How to access Splunk? – <Splunk URL> – <Credentials: LDAP or other?> • How to request access? – What is the new user onboarding process? – You have a process, right? ;) • What data is currently collected and available? – What is the new data onboarding process? – Please say you have a process
Copyright © 2011, Splunk Inc. Listen to your data. Splunk Environment 5 • How is Splunk deployed? – Present a diagram of your Splunk deployment (example on next slide) • Splunk can be downloaded free and sets up in <5 minutes – Free version can be used as sandboxes to learn Splunk or test new configuration – Free version for home/personal use
Copyright © 2011, Splunk Inc. Listen to your data. <Your Company> Splunk Architecture License Capacity: 500 GB/day 6 x5 … Distributed Search and Summary Indexing Tier Indexing Tier Forwarders or Forwarding Tier Data Sources laptops desktops proxy applications syslog firewall servers/VMs config
Copyright © 2011, Splunk Inc. Listen to your data. <Your Company> Use Cases 7 • Who is using Splunk (individual users or teams)? • What are they doing with Splunk? • Highlight success stories, cool challenges solved or interesting questions answered by Splunk. • Example: our CIO is able to track productivity using Splunk dashboards of web proxy data. • Poll the audience for their use cases.
Copyright © 2011, Splunk Inc. Listen to your data. Orientation 8 • Provide a walk through of the Splunk UI – Show the Launcher – Show the Getting Started App – Show the Search App  cover the data (sourcetypes, hosts, sources)  run a simple search with wildcards/booleans  explain the timeline, search controls, filters  explain the time range picker (historic vs. real-time searches)  find the search in the Jobs manager  introduce search commands  explain fields and/or demo the interactive field extractor  show how to save and schedule searches  build a simple report  make a simple dashboard – Ask the audience for search ideas or questions they want answered
Copyright © 2011, Splunk Inc. Listen to your data. Orientation 9 • Mention the existence of the CLI and REST APIs • Show other cool Apps – Show Apps you have installed – Example: use the GoogleMaps App to geolocate events – Download more from SplunkBase – Users can also build their own
Copyright © 2011, Splunk Inc. Listen to your data. Getting Help 10 • Is there an internal wiki or website with more information? • Is there an internal mailing list users can ping? • Is there an internal chat list? • Are there team experts who can be leveraged?
Copyright © 2011, Splunk Inc. Listen to your data. Technical Help: Splunk Answers 11 http://answers.splunk.com Community driven Splunk supported Knowledge exchange Q & A
Copyright © 2011, Splunk Inc. Listen to your data. Technical Help: Splunk Documentation 12 http://docs.splunk.com Official Product Docs Wiki and community topics Updated daily Can be printed to .PDF
Copyright © 2011, Splunk Inc. Listen to your data. Splunk Education 13 Develop internal Splunk experts Recommended for New Users – Using Splunk – Searching & Reporting Recommended for Admins – Administering – Deploying Splunk Recommended for UI/Dashboard Developers – Developing Apps
Copyright © 2011, Splunk Inc. Listen to your data. Splunk Events 14 Splunk User Groups – Community driven – Bootstrapped by Splunk – Occur every 2-3 months – Hosted locally Splunk Live! – Worldwide customer events – Technical workshops for beginners and power users – Local Events held in LA, OC, San Diego, Phoenix yearly Splunk User Conference – August 15-17 in San Francisco, CA – 5 tracks, more than 40 sessions, the smartest Splunk users together – May 13th early registration promotion www.splunk.com > Events
Copyright © 2011, Splunk Inc. Listen to your data. Other Ways to Get Help 15 Post a Question to Splunk Answers Find an app on Splunkbase Join the IRC channel #splunk on efnet Join the Splunk LinkedIn Group Follow @Splunk on Twitter Watch Splunk Videos on YouTube
Copyright © 2011, Splunk Inc. Listen to your data. Q&A 16 • Questions? • Looking Ahead – Was the workshop useful? – Get ideas for future workshops – Recruit someone in the audience to host a future workshop – Consider hosting a Search/Story of the Month contest
Copyright © 2011, Splunk Inc. Listen to your data. Thank You :)

Recomendados

Splunk sales presentation
Splunk sales presentationSplunk sales presentation
Splunk sales presentation
jpelletier123
 
Splunk Fundamentals: Investigations with Core Splunk - Splunk Tech Day
Splunk Fundamentals: Investigations with Core Splunk - Splunk Tech DaySplunk Fundamentals: Investigations with Core Splunk - Splunk Tech Day
Splunk Fundamentals: Investigations with Core Splunk - Splunk Tech Day
Zivaro Inc
 
AdvancedMD Customer Presentation
AdvancedMD Customer PresentationAdvancedMD Customer Presentation
AdvancedMD Customer Presentation
Splunk
 
AdvancedMD Customer Presentation
AdvancedMD Customer PresentationAdvancedMD Customer Presentation
AdvancedMD Customer Presentation
Splunk
 
Customer Presentation - Telus
Customer Presentation - TelusCustomer Presentation - Telus
Customer Presentation - Telus
Splunk
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
Splunk
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
Shannon Cuthbertson
 
SplunkLive! Customer Presentation – Ticketmaster
SplunkLive! Customer Presentation – TicketmasterSplunkLive! Customer Presentation – Ticketmaster
SplunkLive! Customer Presentation – Ticketmaster
Splunk
 

Recomendados

Splunk sales presentation
Splunk sales presentationSplunk sales presentation
Splunk sales presentation
jpelletier123
 
Splunk Fundamentals: Investigations with Core Splunk - Splunk Tech Day
Splunk Fundamentals: Investigations with Core Splunk - Splunk Tech DaySplunk Fundamentals: Investigations with Core Splunk - Splunk Tech Day
Splunk Fundamentals: Investigations with Core Splunk - Splunk Tech Day
Zivaro Inc
 
AdvancedMD Customer Presentation
AdvancedMD Customer PresentationAdvancedMD Customer Presentation
AdvancedMD Customer Presentation
Splunk
 
AdvancedMD Customer Presentation
AdvancedMD Customer PresentationAdvancedMD Customer Presentation
AdvancedMD Customer Presentation
Splunk
 
Customer Presentation - Telus
Customer Presentation - TelusCustomer Presentation - Telus
Customer Presentation - Telus
Splunk
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
Splunk
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
Shannon Cuthbertson
 
SplunkLive! Customer Presentation – Ticketmaster
SplunkLive! Customer Presentation – TicketmasterSplunkLive! Customer Presentation – Ticketmaster
SplunkLive! Customer Presentation – Ticketmaster
Splunk
 
Splunk for ITOA Breakout Session
Splunk for ITOA Breakout SessionSplunk for ITOA Breakout Session
Splunk for ITOA Breakout Session
Splunk
 
SplunkLive 2011 Beginners Session
SplunkLive 2011 Beginners SessionSplunkLive 2011 Beginners Session
SplunkLive 2011 Beginners Session
Splunk
 
SplunkLive! Washington DC May 2013 - Developer Session
SplunkLive! Washington DC May 2013 - Developer SessionSplunkLive! Washington DC May 2013 - Developer Session
SplunkLive! Washington DC May 2013 - Developer Session
Splunk
 
Using Splunk 6.3 - eLearning.pdf
Using Splunk 6.3 - eLearning.pdfUsing Splunk 6.3 - eLearning.pdf
Using Splunk 6.3 - eLearning.pdf
llan47
 
Portland Splunk User Group May 2020
Portland Splunk User Group May 2020 Portland Splunk User Group May 2020
Portland Splunk User Group May 2020
Amanda Richardson
 
Splunk for Developers
Splunk for DevelopersSplunk for Developers
Splunk for Developers
Splunk
 
Best Practices for a CoE
Best Practices for a CoEBest Practices for a CoE
Best Practices for a CoE
Splunk
 
Splunk for Developers
Splunk for DevelopersSplunk for Developers
Splunk for Developers
Splunk
 
Splunk .conf18 Updates, Config Add-on, SplDevOps
Splunk .conf18 Updates, Config Add-on, SplDevOpsSplunk .conf18 Updates, Config Add-on, SplDevOps
Splunk .conf18 Updates, Config Add-on, SplDevOps
Harry McLaren
 
dlux splunk>live! 2012 Beginners Session
dlux splunk>live! 2012 Beginners Sessiondlux splunk>live! 2012 Beginners Session
dlux splunk>live! 2012 Beginners Session
David Lutz
 
SFBA Splunk Usergroup meeting March 13, 2024
SFBA Splunk Usergroup meeting March 13, 2024SFBA Splunk Usergroup meeting March 13, 2024
SFBA Splunk Usergroup meeting March 13, 2024
Becky Burwell
 
Splunk for Developers
Splunk for DevelopersSplunk for Developers
Splunk for Developers
Splunk
 
Splunk for Developers Breakout Session
Splunk for Developers Breakout SessionSplunk for Developers Breakout Session
Splunk for Developers Breakout Session
Splunk
 
6.4 whats new
6.4 whats new6.4 whats new
6.4 whats new
Splunk
 
Big Data Workshop: Splunk and Dell EMC...Better Together
Big Data Workshop: Splunk and Dell EMC...Better TogetherBig Data Workshop: Splunk and Dell EMC...Better Together
Big Data Workshop: Splunk and Dell EMC...Better Together
Zivaro Inc
 
Splunk Developer Platform
Splunk Developer PlatformSplunk Developer Platform
Splunk Developer Platform
Damien Dallimore
 
Customer Presentation
Customer PresentationCustomer Presentation
Customer Presentation
Splunk
 
Splunk 6.4 Administration.pdf
Splunk 6.4 Administration.pdfSplunk 6.4 Administration.pdf
Splunk 6.4 Administration.pdf
nitinscribd
 
Splunk User Group Edinburgh - September Event
Splunk User Group Edinburgh - September EventSplunk User Group Edinburgh - September Event
Splunk User Group Edinburgh - September Event
Harry McLaren
 
A Lap Around Developer Awesomeness in Splunk 6.3
A Lap Around Developer Awesomeness in Splunk 6.3A Lap Around Developer Awesomeness in Splunk 6.3
A Lap Around Developer Awesomeness in Splunk 6.3
Glenn Block
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
UXDXConf
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
Stephen Perrenod
 

Más contenido relacionado

Similar a SplunkGettingStartedWorkshop.pptx

SplunkLive 2011 Beginners Session
SplunkLive 2011 Beginners SessionSplunkLive 2011 Beginners Session
SplunkLive 2011 Beginners Session
Splunk
 
SplunkLive! Washington DC May 2013 - Developer Session
SplunkLive! Washington DC May 2013 - Developer SessionSplunkLive! Washington DC May 2013 - Developer Session
SplunkLive! Washington DC May 2013 - Developer Session
Splunk
 
Using Splunk 6.3 - eLearning.pdf
Using Splunk 6.3 - eLearning.pdfUsing Splunk 6.3 - eLearning.pdf
Using Splunk 6.3 - eLearning.pdf
llan47
 
Splunk 6.4 Administration.pdf
Splunk 6.4 Administration.pdfSplunk 6.4 Administration.pdf
Splunk 6.4 Administration.pdf
nitinscribd
 

Similar a SplunkGettingStartedWorkshop.pptx (20)

Splunk for ITOA Breakout Session
Splunk for ITOA Breakout SessionSplunk for ITOA Breakout Session
Splunk for ITOA Breakout Session
 
SplunkLive 2011 Beginners Session
SplunkLive 2011 Beginners SessionSplunkLive 2011 Beginners Session
SplunkLive 2011 Beginners Session
 
SplunkLive! Washington DC May 2013 - Developer Session
SplunkLive! Washington DC May 2013 - Developer SessionSplunkLive! Washington DC May 2013 - Developer Session
SplunkLive! Washington DC May 2013 - Developer Session
 
Using Splunk 6.3 - eLearning.pdf
Using Splunk 6.3 - eLearning.pdfUsing Splunk 6.3 - eLearning.pdf
Using Splunk 6.3 - eLearning.pdf
 
Portland Splunk User Group May 2020
Portland Splunk User Group May 2020 Portland Splunk User Group May 2020
Portland Splunk User Group May 2020
 
Splunk for Developers
Splunk for DevelopersSplunk for Developers
Splunk for Developers
 
Best Practices for a CoE
Best Practices for a CoEBest Practices for a CoE
Best Practices for a CoE
 
Splunk for Developers
Splunk for DevelopersSplunk for Developers
Splunk for Developers
 
Splunk .conf18 Updates, Config Add-on, SplDevOps
Splunk .conf18 Updates, Config Add-on, SplDevOpsSplunk .conf18 Updates, Config Add-on, SplDevOps
Splunk .conf18 Updates, Config Add-on, SplDevOps
 
dlux splunk>live! 2012 Beginners Session
dlux splunk>live! 2012 Beginners Sessiondlux splunk>live! 2012 Beginners Session
dlux splunk>live! 2012 Beginners Session
 
SFBA Splunk Usergroup meeting March 13, 2024
SFBA Splunk Usergroup meeting March 13, 2024SFBA Splunk Usergroup meeting March 13, 2024
SFBA Splunk Usergroup meeting March 13, 2024
 
Splunk for Developers
Splunk for DevelopersSplunk for Developers
Splunk for Developers
 
Splunk for Developers Breakout Session
Splunk for Developers Breakout SessionSplunk for Developers Breakout Session
Splunk for Developers Breakout Session
 
6.4 whats new
6.4 whats new6.4 whats new
6.4 whats new
 
Big Data Workshop: Splunk and Dell EMC...Better Together
Big Data Workshop: Splunk and Dell EMC...Better TogetherBig Data Workshop: Splunk and Dell EMC...Better Together
Big Data Workshop: Splunk and Dell EMC...Better Together
 
Splunk Developer Platform
Splunk Developer PlatformSplunk Developer Platform
Splunk Developer Platform
 
Customer Presentation
Customer PresentationCustomer Presentation
Customer Presentation
 
Splunk 6.4 Administration.pdf
Splunk 6.4 Administration.pdfSplunk 6.4 Administration.pdf
Splunk 6.4 Administration.pdf
 
Splunk User Group Edinburgh - September Event
Splunk User Group Edinburgh - September EventSplunk User Group Edinburgh - September Event
Splunk User Group Edinburgh - September Event
 
A Lap Around Developer Awesomeness in Splunk 6.3
A Lap Around Developer Awesomeness in Splunk 6.3A Lap Around Developer Awesomeness in Splunk 6.3
A Lap Around Developer Awesomeness in Splunk 6.3
 

Último

Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
UXDXConf
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
Stephen Perrenod
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
UXDXConf
 
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdfBreaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
UK Journal
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
CzechDreamin
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
panagenda
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
Femke de Vroome
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Peter Udo Diehl
 

Último (20)

Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
 
AI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekAI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří Karpíšek
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
 
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdfBreaking Down the Flutterwave Scandal What You Need to Know.pdf
Breaking Down the Flutterwave Scandal What You Need to Know.pdf
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
 
Overview of Hyperledger Foundation
Overview of Hyperledger FoundationOverview of Hyperledger Foundation
Overview of Hyperledger Foundation
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
 
Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 

SplunkGettingStartedWorkshop.pptx

  • 1. Copyright © 2011, Splunk Inc. Listen to your data. Date Name Title Getting Started with Splunk
  • 2. Copyright © 2011, Splunk Inc. Listen to your data. Agenda 2 • Getting Started (5 minutes) • Splunk at <Your Company> (5-10 minutes) • Orientation (15-20 minutes) • Getting Help (5-10 minutes) • Q & A (10-15 minutes)
  • 3. Copyright © 2011, Splunk Inc. Listen to your data. Introductions 3 • Who are you? • What is your role? – Where does your job start and end? • Who’s in the audience? – Have the audience introduce themselves? – How much experience do they have with Splunk? – What do they hope to gain from the workshop?
  • 4. Copyright © 2011, Splunk Inc. Listen to your data. Getting Started 4 • How to access Splunk? – <Splunk URL> – <Credentials: LDAP or other?> • How to request access? – What is the new user onboarding process? – You have a process, right? ;) • What data is currently collected and available? – What is the new data onboarding process? – Please say you have a process
  • 5. Copyright © 2011, Splunk Inc. Listen to your data. Splunk Environment 5 • How is Splunk deployed? – Present a diagram of your Splunk deployment (example on next slide) • Splunk can be downloaded free and sets up in <5 minutes – Free version can be used as sandboxes to learn Splunk or test new configuration – Free version for home/personal use
  • 6. Copyright © 2011, Splunk Inc. Listen to your data. <Your Company> Splunk Architecture License Capacity: 500 GB/day 6 x5 … Distributed Search and Summary Indexing Tier Indexing Tier Forwarders or Forwarding Tier Data Sources laptops desktops proxy applications syslog firewall servers/VMs config
  • 7. Copyright © 2011, Splunk Inc. Listen to your data. <Your Company> Use Cases 7 • Who is using Splunk (individual users or teams)? • What are they doing with Splunk? • Highlight success stories, cool challenges solved or interesting questions answered by Splunk. • Example: our CIO is able to track productivity using Splunk dashboards of web proxy data. • Poll the audience for their use cases.
  • 8. Copyright © 2011, Splunk Inc. Listen to your data. Orientation 8 • Provide a walk through of the Splunk UI – Show the Launcher – Show the Getting Started App – Show the Search App  cover the data (sourcetypes, hosts, sources)  run a simple search with wildcards/booleans  explain the timeline, search controls, filters  explain the time range picker (historic vs. real-time searches)  find the search in the Jobs manager  introduce search commands  explain fields and/or demo the interactive field extractor  show how to save and schedule searches  build a simple report  make a simple dashboard – Ask the audience for search ideas or questions they want answered
  • 9. Copyright © 2011, Splunk Inc. Listen to your data. Orientation 9 • Mention the existence of the CLI and REST APIs • Show other cool Apps – Show Apps you have installed – Example: use the GoogleMaps App to geolocate events – Download more from SplunkBase – Users can also build their own
  • 10. Copyright © 2011, Splunk Inc. Listen to your data. Getting Help 10 • Is there an internal wiki or website with more information? • Is there an internal mailing list users can ping? • Is there an internal chat list? • Are there team experts who can be leveraged?
  • 11. Copyright © 2011, Splunk Inc. Listen to your data. Technical Help: Splunk Answers 11 http://answers.splunk.com Community driven Splunk supported Knowledge exchange Q & A
  • 12. Copyright © 2011, Splunk Inc. Listen to your data. Technical Help: Splunk Documentation 12 http://docs.splunk.com Official Product Docs Wiki and community topics Updated daily Can be printed to .PDF
  • 13. Copyright © 2011, Splunk Inc. Listen to your data. Splunk Education 13 Develop internal Splunk experts Recommended for New Users – Using Splunk – Searching & Reporting Recommended for Admins – Administering – Deploying Splunk Recommended for UI/Dashboard Developers – Developing Apps
  • 14. Copyright © 2011, Splunk Inc. Listen to your data. Splunk Events 14 Splunk User Groups – Community driven – Bootstrapped by Splunk – Occur every 2-3 months – Hosted locally Splunk Live! – Worldwide customer events – Technical workshops for beginners and power users – Local Events held in LA, OC, San Diego, Phoenix yearly Splunk User Conference – August 15-17 in San Francisco, CA – 5 tracks, more than 40 sessions, the smartest Splunk users together – May 13th early registration promotion www.splunk.com > Events
  • 15. Copyright © 2011, Splunk Inc. Listen to your data. Other Ways to Get Help 15 Post a Question to Splunk Answers Find an app on Splunkbase Join the IRC channel #splunk on efnet Join the Splunk LinkedIn Group Follow @Splunk on Twitter Watch Splunk Videos on YouTube
  • 16. Copyright © 2011, Splunk Inc. Listen to your data. Q&A 16 • Questions? • Looking Ahead – Was the workshop useful? – Get ideas for future workshops – Recruit someone in the audience to host a future workshop – Consider hosting a Search/Story of the Month contest
  • 17. Copyright © 2011, Splunk Inc. Listen to your data. Thank You :)

Notas del editor

  1. This is a presentation template for a Getting Started with Splunk Workshop. The slides are intended to be customized to your own environment and agenda. Notes conveying purpose and example usage are presented on the slides directly. Good luck and have fun!
  2. Splunk Answers(http://splunk-base.splunk.com/answers/ or http://answers.splunk.com) is a web based Splunk community which can be utilized to answer questions. Many Splunk employees are users and check the site on a regular basis. We are happy to provide feedback on the questions being asked here. This is an excellent option for people who do not have direct access to Splunk support to find quick answers to their questions. This site is a great place to see if other people may have encountered a similar issue to the one you are experiencing. We encourage Splunk users to utilize this resource as a first line of investigation. We welcome you to engage the Splunk community for any and all questions you may have related to Splunk. It is a friendly community full of people who are willing and able to assist you with your inquiries. It can be useful in answering basic questions , or even questions about advanced deployment use cases. Whatever you'd like to know about Splunk, there is a good chance someone in the community has this knowledge, and is willing to share it with you.
  3. Because not everyone can be an authorized support contact with the ability to interact with Splunk Support on a Regular Basis, and different people work with Splunk at different levels, it is important to develop Splunk experts internally. These are the individuals responsible for Splunk Administration and/or the management of the Splunk Knowledge layer. The first step in developing an internal expert would be to engage Splunk education to develop a plan to take advantage of all our course offerings. The knowledge imparted by the courses, as well as day to day Splunk administration in conjunction with knowledge management is usually sufficient to provide an internal level of expertise sufficient to be able to mitigate many issues before engaging support. These individuals can be integral to the success of a Splunk Implementation and can assist you in determining if your issue is a simple misconfiguration, or if this may require the assistance of the Splunk Support Team.
  4. Splunk User Groups From time to time, there are also Splunk User Group meetings at various locations around the country and world, which you can attend to learn how other customers are currently using Splunk. To find out about upcoming events in your area, be sure to check out the upcoming events section of the Splunk website @http://www.splunk.com/page/events