The Splunk User Interface in 5 Easy Steps
A lot of companies have Splunk installed and running in their environment, collecting a massive amount of data and intelligence. Sometimes it’s this large amount of data, other times its the user not being familiar with the interface, but it seems that this powerful tool and the large data at hand, can go unloved and underutilized.
Splunk has gone a long way in helping users find their way around the interface in recent years but there is still are some moments when users are faced with the inevitable log in process of username and password entered… now what?
It just takes those initial baby steps to allow users to see the power of their data, but until this happens for those users, Splunk could remain an expensive and unloved piece of software with a weird name. So log on, and watch the top 5 things you need to get started.
1. Log On Screen
I know nothing too scary here, but your login domain will vary depending on your web location. You’ll need a username and password to log in and depending on your company’s policy it may be a combination which is already established, your current network credentials or you may need to get a separate username and password combination to get started. The login screen also provides information to the user, including if updates are available or if there is a maintenance or outage window approaching.
2. The Welcome Screen
This is the first thing you’re presented with when you log in. The main body of the welcome screen allows you to customize the interface to give you the information you need as soon as you log in. You have Apps available to you down the left side of the screen and you have menus along the top right.
3. Your Apps
I prefer to start with Apps first as you may need to not even worry about searching yet if you have been provided with apps relevant to you and the information you need. In it’s simplest definition, a Splunk App is a collection of saved searches, reports, alerts and dashboards that have been developed specifically for a certain set of data or information. You can create your own Apps or you can download and install apps that have been created by external providers on the SplunkBase, but you may need to have administrator access on your environment to be allowed to perform these additions to your environment.
4. Search
This is were things start to get exciting…if your into that kind of thing. By clicking on the Search & Reporting App you get a basic search screen. This allows you to start to search through the piles of data at your fingertips and start to make sense of it all.
5. Settings Menu
Depending on your level of access, the settings menu may have many options or be limited to only a few choices. If your a power user or been given administration privileges which will allow you the ability to configure the user interface, define what data is indexed and available for searching and provide user logon and access.
Just in a quick tour, you have seen what you need to get started with Splunk. Sometimes the best way to learn is to attack it, but we will continue to expand the information available, to help you proceed further.
Found this post useful? Kindly tap the ❤ button below! :)
About The Author
