- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- Ideas on how to create a Splunk show for managemen...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ideas on how to create a Splunk show for management
Hi Experts,
I want to do a POC on Splunk. I have installed it on my Linux box. I know the search capability of it. I want to convince my management about its operational intelligence and data analytics capability. My management wants to see how Splunk can provide data analysis from application till the server os level. For this I want to make a setup. I can pull the logs from web, app, db, network and OS to my splunk server, but I want some ideas on creating the searches, scenarios and dashboard that will show various ways of data analysis from purely infrastructure point of view in datacenter environment. If you guys can provide me or guide me in some direction, that will very much helpful.
Thanks
Pankaj
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The easiest one to do a POC with would probably be one of the cisco apps. I only say that because you could ingest cisco syslog realtively painlessly. A lot of the operating system apps work best when you are using a universal forwarder installed on client servers to collect the data. This wouldn't be a problem if you have a test lab to use. The other alternative is to research using the data generators to create test data for different platforms to demo splunk's search and visualization capabilities.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Install the apps for the various components and systems in your environment, and play with them. That will give you an idea of how Splunk can work for your environment. There are a great many apps, so they should give you quite a few ideas.
Also, it would be a good idea to take the tutorial.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here is the link to the main Apps page. There is a button at the bottom to show all apps. There are a lot of apps. I know nothing about your environment, so it is hard to point you specific apps. However, the CIM app is a good one for correlation, tho it can be trick to configure.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Luke for your response. Can you direct me to some apps and scenarios which I can install in my environment ? to show case something from data analysis point of view. I have already started going through the tutorials. Do you have any link through which I can create a co-relation event scenarios, that would be great.
--Pankaj
Introducing the 2024 SplunkTrust!
Introducing the 2024 Splunk MVPs!
Splunk Custom Visualizations App End of Life
