Learn to transform your machine data into valuable IT and business insights with this comprehensive and practical tutorial
In Detail
Splunk is a data collection, indexing, and visualization engine for operational intelligence. It's a powerful and versatile search and analysis engine that lets you investigate, troubleshoot, monitor, alert, and report on everything that's happening in your entire IT infrastructure from one location in real time. Splunk collects, indexes, and harnesses all the fast moving machine data generated by our applications, servers, and devices - physical, virtual, and in the cloud.
Given a mountain of machine data, this book shows you exactly how to learn to use Splunk to make something useful from it. Depending on your needs, you can learn to search, transform, and display data, or learn to administer your Splunk installation, large or small. "Implementing Big Data Reporting and Development for Operational Intelligence" will help you get your job done faster, whether you read from the beginning or jump to what you need to know today. New and experienced users alike will find nuggets of wisdom throughout.
This book provides you with valuable examples and step-by-step instructions, showing you how to take advantage of everything Splunk has to offer you, to make the most out of your machine data.
"Implementing Big Data Reporting and Development for Operational Intelligence" takes you on a journey right from inception to a fully functioning implementation of Splunk. Using a real-world data walkthrough, you’ll be shown how to search effectively, create fields, build dashboards, reports, and package apps, manage your indexes, integrate into the enterprise, and extend Splunk.
This practical implementation guide equips you with high-level knowledge for configuring, deploying, extending, and integrating Splunk.
Depending on the goal and skills of the reader, enough topics are covered to get you on your way to dashboard guru, app developer, or enterprise administrator. This book uses examples, curated reference, and sage advice to help you make the most of this incredibly powerful tool.
What you will learn from this book
Approach
A step-by-step practical implementation tutorial that equips you with high-level knowledge of configuring, deploying, extending, and integrating Splunk to bring machine-generated operational intelligence to your advantage.
I was excited to hear the news that Packt Publishing (http://www.packtpub.com/) were releasing a new book dedicated to Splunk called “Implementing Splunk - Big Data Reporting and Development for Operational Intelligence” (http://www.packtpub.com/implementing-...). A majority of the documentation and information on Splunk has been produced by Splunk, so I was eager to see if “Implementing Splunk” was going to be a fresh take on the large amount of information that is currently out there. “Implementing Splunk” was written by Vincent Bumgarner, who has been designing software for close to 20 years, has been working with Splunk since 2007, and has been helping companies use the application as a Business Intelligence, Reporting and Analytics Tool.
The book starts by taking the user through the web interface and providing an explanation on how different parts of the interface work. It then provides new users with a further and more thorough explanation on the specifics of Search, Charting and creating Dashboards, providing examples and samples along the way. The intensity of the information then increases with an explanation on Advanced Searching, Extending Search capabilities, working with Apps and Advanced XML Dashboards. The final three chapters of the book then cover Configuration, Administration and Deployment of Splunk.
I have found “Implementing Splunk” covers the basic elements of Splunk very well, providing clear definitions and examples. The first few chapters are provided by not overloading the user with too much information on how the interface is set up and how Splunk works. These opening chapters of the book reach a good balance of information and examples that the user can start to test the interface with. It even provides some clear information on how Splunk works under the hood, including an explanation on how Splunk deals with time. As you work with Splunk you begin to learn that search is the base of everything and as a result is covered in great detail.
The main complaint that I always hear about Splunk is that the documentation provided is not very clear, providing too much content that becomes vague and confusing. Unfortunately, as the book tries to cover more advanced topics it does the same thing. It seems to overload the reader with text and tries to cover too much information in one book. It is also difficult to use as a reference book; for example, when Chapter 12 provides examples on “Writing a scripted input to gather data” (Page 381), it stops at advising where the configuration files need to be located and then requests that you read Chapter 11 for further information.
The math concerning Index Sizing in Chapter 11 (Page 355) is also vague and unclear, with the formulas jumping around between Gigabytes and Megabytes. The book does not cover Version 5 of Splunk either; although this is not a major issue, I am not sure why the book was not amended to be as up to date as possible upon release.
I also think new users could benefit from a little more information as to why you would be using Splunk, with an outline of the kind of data that Splunk works best with and how Splunk can make sense of it. A more thorough explanation of deployments with some examples provided could have also clarified some of the information in the later chapters.
I almost think that this book tried to cover too many topics, with the authors attempting to condense things down to under 500 pages. It seems like it could have been split into two separate books, one outlining the search, dashboard, and user interface capabilities of the application, while the other focused on the administration, deployment and configuration.
Either way, the fact that this book was published highlights the growing popularity of the application within the enterprise environment. Even though I am worried that new users might get frustrated with the later chapters of the book, it does provide a great introduction to Splunk and is a good resource to get started with.
If you are interested, a sample chapter from the publisher can be found at the following link: http://www.packtpub.com/sites/default...