Over the past 6 months I’ve taken a deep dive into Splunk. I had a lot of questions when I first started:
Is this just like the ELK stack?
How is all this data stored?
What does the integration with Hadoop look like? (Spoiler alert: it’s awesome and named HUNK.)
All I can say is I was blown away with how amazing Splunk is at data analytics. It’s no wonder Splunk is #1 for analyzing machine data in IT organizations around the world. However, it’s not just for machine data. Splunk started out analyzing log files, but because of its great dashboard tools and ability to parse different data types, it has quickly jumped outside of IT Operations.
Analyzing Machine Data with Splunk is broken into 7 different modules:
- What is Splunk? – The first thing we do is dive into what Splunk is: Splunk’s history and who is using Splunk. Lastly in this module we talk about careers in Splunk and what the options are for Splunk Admins/Developers.
- Setting Up the Splunk Environment – Once we have the level set on Splunk, it’s time to set up our own local Splunk environment. Splunk offers a few options for Splunk environments, and in this module we discuss each of them. At the end of this module we walk through setting up your own Splunk environment in a Windows environment.
- Basic Splunking Techniques – During this module we are ready to dig into using our local Splunk environment to analyze log files. Basic Splunk searches and creating reports and alerts are essentially the building blocks taught in this module. The last part of this module walks through using the Search Processing Language (SPL), which is Splunk’s search language.
- Splunking in the Enterprise – Next we jump into the Enterprise features in Splunk. Encrypting and compressing data in flight is essential when working in the Enterprise, and Splunk has you covered here. We also work through setting up scalable Splunk environments, because data is only going to grow, so let’s go ahead and be ready.
- Splunking for DevOps and Security – Security and DevOps are hot topics and careers right now, and Splunk plays in both these fields. Security is the top use case for Splunk because it gives Enterprises the ability to have a 360 view of their IT environments. The demo in this module walks through using Splunk to analyze log4j files in DevOps.
- Application Development in Splunkbase – In this module we’ll dive into Splunkbase to learn how to extend the Splunk environment. Splunkbase, in simple terms, is like the App Store for iPhones. Need to import a new data source and don’t want to write your own regular expression? Check out Splunkbase. Want to develop your own custom Splunk apps using the SDK? Splunkbase has you covered with that. Learn about all the things you can do with Splunkbase in this module.
- Splunking on Hadoop with Hunk – Ahhhh! Now we are talking. Hadoop on Splunk = HUNK. When I started playing with Hunk it was like the first time I heard the Jay-Z / Linkin Park Collision Course album. Only this was bigger. I mean, talk about two worlds colliding! Splunk provides great dashboards and tools to help ingest machine data without having to do the ETL. With Hunk you can import or export that data into HDFS.
After all this hard work and Splunk goodness, be sure to check out Analyzing Machine Data with Splunk. This course will help you learn how to leverage Splunk in your everyday IT Operations. As always, let me know any feedback you have or ideas for more courses in Data Analytics.