Help Getting Started with Splunk
Splunk is a great data intelligence platform when used effectively. With a full understanding of Splunk’s functionality and capabilities, it should totally consume you with it’s awesomeness and you will find yourself preaching its benefits to your entire company! Our customers are always asking for recommendations on how to better grasp the fundamentals of the platform and the following article should provide this guidance.
The material is split into sections. If you know of something not in the list or any of the links are broken, please let us know – thanks!
Read
Read the Splunk Enterprise overview on Splunk.com
New to Splunk and wondering what Splunk actually is? – Read this.
> Splunk Enterprise Overview
Read a Book on Splunk
There are a several books published on Splunk. Some of these are listed below.
> Our Splunk Operational Intelligence Cookbook
> Exploring Splunk – Search Processing Language (SPL) Primer & Cookbook (Free!)
> The Essential Guide to Machine Data (Free!)
> The Essential Guide to Security (Free!)
Print Out the Splunk Reference Guide and Cheat Sheets
Print these out and keep on your desk for some handy quick reference material.
> Splunk Quick Reference Guide
> Splunk Dashboard Quick Reference Guide
> Splunk Search Command Quick Reference
> Splunk SPL for SQL Users
Splunk Manuals
Sometimes you just have to read the manual, but don’t be scared to do so. All Splunk’s documentation is online in a wiki style format and searchable via Google, as well as on Splunk.com. Great for reference when crafting a search or implementing something new.
> Splunk Documentation and Manuals
Watch
Watch the Splunk Web Demo (Newbie)
A web demo of Splunk.
> Splunk Web Demo
Splunk Educational Videos / YouTube Channel
A handful of Splunk curated educational videos that are good for learning about basic searching and dashboarding, as well as how to get common data sources into Splunk.
> Watch the Splunk Educational Videos
Watch, Listen and Learn from Past Splunk Conferences
Presentations and slide decks from past conferences are all archived and can be accessed by anyone.
> .CONF Online
Train
Take a Free eLearning course
Splunk has a number of free eLearning courses that can be a good way to get to grips with some of the concepts.
> Free Splunk Training Courses
Take one (or several) of the Splunk Certified Training Courses
These classes are an excellent way to get up to speed with the various aspects of Splunk. There are classes for all types of Splunker, from general user, to developer, to administrator and beyond. Classes can be delivered virtually over WebEx, or on-site at your office.
> Splunk Education Classes
Attend the Splunk Conference
Held once per year in Las Vegas, this is an excellent educational experience. Surrounded by 1000s of other Splunk comrades, you are immersed in everything Splunk for 3 long days or more. If you stay focused; you will learn a huge amount – highly recommended.
> Splunk Conference
Join a Local User Group
Network with peers in your own city! Share and learn best practices, find out what’s new and enjoy a couple of drinks. User group meetings are regularly posted on the event page.
> Splunk Toronto User Group
> Other Splunk User Groups
Attend a SplunkLive! Event
Kind of like a mini Splunk conference, except these are free and in a city (hopefully) close to you! These day long educational seminars are packed with customer presentations, Splunk presentations and demos. Lunch is even provided as well!
> Find an upcoming SplunkLive! near you
Play
Download, Install and Play with Splunk on your Laptop
Splunk was designed from the start to be easy to install. You don’t need a server just to play, as the free version will run on your laptop just fine. Download it now, index your local logs and play with the tool – it’s the best way to learn.
> Download Splunk
Splunk Search Tutorial
Follow the tutorial within the Splunk documentation to help get you up to speed with installing Splunk, basic searching and use.
> Splunk Search Tutorial
Develop
Extend Splunk with Apps and Add-Ons
Splunk has a growing base of apps and add-ons, that can help extend the power of Splunk and help you to get value from your data faster. Splunk’s capabilities are not just limited to these apps and many can be customized, adapted or merged to meet your specific needs.
> Find Splunk Apps and Add-Ons
Develop your Own Applications
Splunk is built on an open web development framework standards, such as Django and JavaScript. There are also multiple SDKs available and a very comprehensive REST API.
> Splunk Dashboard Examples
> Splunk Development Community
Splunk Machine Learning Toolkit
Leverage machine learning with Splunk by downloading the app. The app contains end-to-end examples and there is also a set videos to help new users get started.
> Machine Learning Toolkit App
> Machine Learning YouTube Videos
> Machine Learning Cheat Sheet
Support
Splunk Answers – Ask Questions, Get Answers
Splunk Answers is a great community driven support site managed by Splunk. Answers is the place to go if you are stuck crafting a Splunk search, are looking for configuration guidance or are experiencing some error you may not have seen before. It isn’t a replacement for enterprise support, but can be a quick way to get an answer. More often than not, someone else has already asked your question and full search capability is provided.
> Splunk Answers
Chat Live on the Splunk Slack
Slack is a common way to talk with other Splunk users outside of user groups, .CONF or other Splunk events. Slack allows for anyone to communicate with the greater Splunk Community. Use Slack to ask help with issues and gain insight into problems experienced by other users. Anyone can submit a request to join.
> Slack Channels
Chat Live on the Splunk IRC Channel
Chat live with online community members in the Splunk IRC channel. This channel consists of experts in Splunk, as well as newbies. Whatever your experience level, there is always an active discussion going on in the Splunk IRC channel. Load up an IRC client and point it here:
> irc server: irc.efnet.org
> irc channel: #splunk
Obtain Professional or Advisory Services
You shouldn’t be expected to do everything yourself. Sometimes, it is quicker, easier and more cost effective to get the data intelligence experts in. Perhaps you are just starting out, unsure if Splunk is the right fit, looking to expand your environment, need help with upgrades or looking for app development. Our Splunk Professional Services are on hand to help to ensure you gain huge value and maximize your Splunk investment. Contact us now and leverage our many years worth of award winning Splunk expertise.
© Discovered Intelligence Inc., 2022. Unauthorised use and/or duplication of this material without express and written permission from this site’s owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Discovered Intelligence, with appropriate and specific direction (i.e. a linked URL) to this original content.
