Splunk
Installation Manual
The installation manual includes system requirements, licensing information, and procedures for installing or migrating Splunk.
Release Notes
Splunk Release Notes include information about new features, known issues, and fixed problems.
Splunk Tutorial
This manual guides you through adding data, searching your data, and building simple reports and dashboards. If you're new to Splunk, this is the place to start!
Admin Manual
This manual is the starting point for learning to administer Splunk. It covers a wide range of material, including critical subjects like managing licenses, configuring Splunk, and using the command line interface. It includes a comprehensive reference for all the Splunk configuration files.
Distributed Deployment Manual
This manual describes how to scale your Splunk deployment to fit the needs of your enterprise. It tells you how to distribute Splunk functionality across multiple machines, using components like forwarders, indexers, and search heads.
Getting Data In
This manual tells you how to get your data into Splunk. It covers everything you need to do to ensure that Splunk indexes all your machine data efficiently and effectively.
Search Manual
This manual explains how to search and use the search language. Look here for more thorough examples of writing Splunk searches to calculate statisitics, evaluate fields, and report on search results.
Search Reference
This manual provides a reference for the Splunk user who is looking for a catalog of the search commands with complete syntax, descriptions, and examples for usage. If you want to just jump right in and start searching, check out the Search command cheat sheet--it's a quick guide, complete with descriptions and examples.
Knowledge Manager Manual
As you use Splunk, knowledge objects are created, including event types, tags, lookups, field extractions, workflow actions, saved searches, and views. This manual demonstrates ways that you can use Splunk knowledge to solve real-world problems, and shows you how to maintain large sets of knowledge objects for your organization.
Alerting Manual
This manual sums up everything you'll need to know about designing alerts that monitor incoming events and are triggered when specific conditions are met. Triggered alerts can send email notifications, send results to RSS feeds, and run scripts that interact with external systems.
Splunk Data Visualizations Manual
This is the new manual for data visualizations in Splunk. It discusses the range of visualization options that Splunk provides, shows you how to design reports, and covers the creation of dashboard with Splunk Web and simple XML. It also shows you your options for form design using simple XML.
Managing Indexers and Clusters
This manual explains how to configure and manage Splunk indexers and clusters of indexers.
Securing Splunk
This manual describes ways you can secure Splunk. Look here to learn about creating and authenticating users, configuring SSL, using audit features to secure your data, and hardening your Splunk instances to reduce vulnerability and risk.
Developing Views and Apps for Splunk Web
Provides information, procedures, and examples on how to create dashboards and views using Splunk's Advanced XML. Also discusses building Splunk apps, creating custom scripted inputs, extending Splunk, and other advanced development topics. Prior to Splunk 4.3, content in this manual was found in the ''Splunk Developer Manual.''
Troubleshooting Manual
The Troubleshooting Manual gets you started solving problems, should one occur with your Splunk instance.
REST API Reference
Provides reference documentation on all publicly accessible Splunk REST API endpoints. The introduction provides instructions on how to use the REST API plus examples that illustrate common use cases.
Translated Documentation
Some Splunk 5.0 manuals are available in Japanese, Korean, Simplified Chinese, and Traditional Chinese.