Overview Alerts in Splunk are used to create notification or inform someone when a particular situation is met. It basically is used to notify the support team when any service degradation happens so that they can work and fix the issue. The difference between dashboards and alerts is that dashboards needs to be manually monitored … Read more
Macros Search macros are reusable chunks of Search Processing Language (SPL) that you can insert into other searches. Search macros can be any part of a search, such as an eval statement or search term, and do not need to be a complete command. You can also specify whether the macro field takes any arguments. • … Read more
Roles: There are basically three different types of Roles in Splunk:User: This is the basic role in Splunk which provides access to all shared data sets to be read, viewed and monitored. Here you can create dashboard but cannot publish it for other users.Power User: This is an advanced role in Splunk which grants you … Read more
Commands: In Splunk, to write a query we need to learn the various commands it offers. Each command comes with a special use case and can be used for its own purpose. Any search query that used transforming commands such as stats, chart etc. are known as Transforming search. Transforming commands uses the existing results … Read more
Splunk is a software platform to search, analyse & visualize the machine generated data gathered from different websites, applications, sensors, devices etc. which make up your IT infrastructure and business. It helps in getting answers from your raw machine data Key Points Benefits: