Splunk is a multinational software company that offers its core platform, Splunk Enterprise, as well as many related offerings built on the Splunk platform. Cofounded by Michael Baum, Rob Das, and Erik Swan, Splunk's name was inspired by the process of exploring caves, or spelunking. The Splunk platform helps a wide variety of organizational personas, such as analysts, operators, developers, testers, managers, and executives. They get analytical insights from machine-created data. Splunk collects, stores, and provides powerful analytical capabilities, enabling organizations to act on often powerful insights derived from this data.
The Splunk Enterprise platform was built with IT operations in mind. When companies had IT infrastructure problems, troubleshooting and solving problems was immensely difficult, complicated, and manual. Splunk was built to collect and make log files from IT systems searchable and accessible. Splunk is commonly used for information security and development operations, as well as more advanced use cases for custom machines, Internet of Things, and mobile devices.
Throughout the book, we will be covering the fundamental concepts of Splunk so that you can learn quickly and efficiently. As the concepts become more complex, we reserve their deep discussion for Splunk's online documentation or the vibrant Splunk online community at
http://docs.splunk.com. Wherever necessary, we provide links to help provide you with the practical skills and examples so that you can get started quickly.
With very little time, you can achieve direct results using Splunk, which you can access through a free enterprise trial license. While this license limits you to 500 MB of data ingested per day, it will allow you to quickly get up to speed with Splunk and learn the essentials of this powerful software.
If you follow what we've written closely, we believe you will quickly learn the fundamentals you need to use Splunk effectively. Together, we will make the most of the trial license and give you a visible result that you can use to create valuable insights for your company.
Towards the end of the book, we will cover concepts to extend Splunk to your organization, and cover the vast Splunk community and online ecosystem.
Tip from the Fez: Splunk sponsors a community known as Splunk Trust. Splunk Trust is made up of bright Splunk minds from around the world, who actively and successfully participate in the Splunk community, especially through the Splunk answers online site. A logo associated with this community is based on the historical headdress and named after the city of Fez, Morocco. Many fraternal organizations have adopted the use of a Fez, most notably in the United States by the Shriners organization. Throughout this book, we will tap into one of Splunk Trust's members to provide some additional best practice recommendations.