The installation manual includes system requirements, licensing information, and procedures for installing or migrating Splunk.
Splunk Release Notes include information about new features, known issues, and fixed problems.
This manual guides you through adding data, searching your data, and building simple reports and dashboards. If you're new to Splunk, this is the place to start!
This manual is the starting point for learning to administer Splunk. It covers a wide range of material, including critical subjects like managing licenses, configuring Splunk, and using the command line interface. It includes a comprehensive reference for all the Splunk configuration files.
This manual describes how to scale your Splunk deployment to fit the needs of your enterprise. It tells you how to distribute Splunk functionality across multiple machines, using components like forwarders, indexers, and search heads.
This manual tells you how to get your data into Splunk. It covers everything you need to do to ensure that Splunk indexes all your machine data efficiently and effectively.
This manual explains how to search and use the search language. Look here for more thorough examples of writing Splunk searches to calculate statisitics, evaluate fields, and report on search results.
This manual provides a reference for the Splunk user who is looking for a catalog of the search commands with complete syntax, descriptions, and examples for usage. If you want to just jump right in and start searching, check out the Search command cheat sheet--it's a quick guide, complete with descriptions and examples.
As you use Splunk, knowledge objects are created, including event types, tags, lookups, field extractions, workflow actions, saved searches, and views. This manual demonstrates ways that you can use Splunk knowledge to solve real-world problems, and shows you how to maintain large sets of knowledge objects for your organization.
This manual sums up everything you'll need to know about designing alerts that monitor incoming events and are triggered when specific conditions are met. Triggered alerts can send email notifications, send results to RSS feeds, and run scripts that interact with external systems.
This is the new manual for data visualizations in Splunk. It discusses the range of visualization options that Splunk provides, shows you how to design reports, and covers the creation of dashboard with Splunk Web and simple XML. It also shows you your options for form design using simple XML.
This manual explains how to configure and manage Splunk indexers and clusters of indexers.
This manual describes ways you can secure Splunk. Look here to learn about creating and authenticating users, configuring SSL, using audit features to secure your data, and hardening your Splunk instances to reduce vulnerability and risk.
Provides information, procedures, and examples on how to create dashboards and views using Splunk's Advanced XML. Also discusses building Splunk apps, creating custom scripted inputs, extending Splunk, and other advanced development topics. Prior to Splunk 4.3, content in this manual was found in the ''Splunk Developer Manual.''
The Troubleshooting Manual gets you started solving problems, should one occur with your Splunk instance.
Provides reference documentation on all publicly accessible Splunk REST API endpoints. The introduction provides instructions on how to use the REST API plus examples that illustrate common use cases.
Some Splunk 5.0 manuals are available in Japanese, Korean, Simplified Chinese, and Traditional Chinese.