Implementing Splunk: Big Data Essentials for Operational Intelligence

A step-by-step practical implementation tutorial that equips you with high-level knowledge of configuring, deploying, extending, and integrating Splunk to bring machine-generated operational intelligence to your advantage. The book targets professionals and organizations who want to implement or have already implemented Splunk for log analysis and indexing. Analysts and IT staff for end-to-end investigation, performance monitoring, and so on will also learn from the practical examples. It would even help managers to build reports and summarize the health, performance, and activity of their IT infrastructure and business. You will also find it helpful as a technical administrator, consultant, or end user. This book aims to be useful to Splunk users of all levels, from complete newbie to seasoned user. The book assumes that you have access to a copy of Splunk, ideally not in production. Many examples also assume your user has admin rights.

450 pages, Kindle Edition

First published January 1, 2013

About the author

Vincent Bumgarner

5 books, 1 follower

Community Reviews

5 stars: 3 (17%)
4 stars: 9 (52%)
3 stars: 4 (23%)
2 stars: 0 (0%)
1 star: 1 (5%)

April 30, 2013
Implementing Splunk

I was excited to hear the news that Packt Publishing (http://www.packtpub.com/) were releasing a new book dedicated to Splunk called “Implementing Splunk - Big Data Reporting and Development for Operation Intelligence” (http://www.packtpub.com/implementing-...). A majority of the documentation and information on Splunk has been produced by Splunk so I was eager to see if “Implementing Splunk” was going to be a fresh take on the large amount of information that is currently out there. “Implementing Splunk” was written by Vincent Bumgarner who has been designing software for close to 20 years and has been working with Splunk from 2007, and has been helping companies use the application as a Business Intelligence, Reporting and Analytics Tool.

The book starts by taking the user through the web interface and providing an explanation on how different parts of the interface work. It then provides new users with a further and more thorough explanation on the specifics of Search, Charting and creating Dashboards, providing examples and samples along the way. The intensity of the information then increases with an explanation on Advanced Searching, Extending Search capabilities, working with Apps and Advanced XML Dashboards. The final three chapters of the book then cover Configuration, Administration and Deployment of Splunk.

I have found “Implementing Splunk” covers the basic elements of Splunk very well, providing clear definitions and examples. The first few chapters are provided by not overloading the user with too much information on how the interface is set up and how Splunk works. These opening chapters of the book reach a good balance of information and examples that the user can start to test the interface with. It even provides some clear information on how Splunk works under the hood including an explanation on how Splunk deals with time. As you work with Splunk you begin to learn that search is the base of everything and as a result is covered in great detail.

The main complaint that I always hear about Splunk is that the documentation provided is not very clear, providing too much content that becomes vague and confusing. Unfortunately, as the book tries to cover more advanced topics it does the same thing. It seems to overload the reader with text and tries to cover too much information in one book. It is also difficult to use as a reference book, for example, when Chapter 12 provides examples on “Writing a scripted input to gather data” (Page 381), it stops at advising where the configuration files need to be located and then requests that you read Chapter 11 for further information.

The math concerning Index Sizing in Chapter 11 (Page 355) is also vague and unclear, with the formulas jumping around between Gigabytes and Megabytes. The book also does not cover Version 5 of Splunk either, which although is not a major issue, I am not sure why the book was not amended to be as up to date as possible upon release. I also think new users could benefit from a little more information as to why you would be using Splunk, with an outline of the kind of data that Splunk works best with and how Splunk can make sense of it. A more thorough explanation of deployments with some examples provided could have also clarified some of the information in the later chapters.

I almost think that this book tried to cover too many topics with the authors attempting to condense things down to under 500 pages. It seems like it could have been split into two separate books, one outlining the search, dashboard, and user interface capabilities of the application, while the other focused on the administration, deployment and configuration. Either way the fact that this book was published highlights the growing popularity of the application within the enterprise environment. Even though I am worried that new users might get frustrated with the later chapters of the book, it does provide a great introduction to Splunk and is a good resource to get started with.

If you are interested, a sample chapter from the publisher can be found at the following link: http://www.packtpub.com/sites/default...