About this tutorial
This documentation does not apply to the most recent version of Splunk.
This section briefly explains what you need to run Splunk and complete this tutorial.
If you're running Splunk on Windows
Splunk for Windows does not currently include the sample data that is referred to by this tutorial. Check back here later for Windows-specific tutorial examples, but in the meantime (once you've indexed some data), try replacing the search terms used in the tutorial with items you know are in your own data.
Requirements
- A supported browser (see system requirements and release notes).
- A copy of Splunk:
  - On an individual machine, or elsewhere in the organization. (Download and install.)
  - On Splunk hosted demo servers.
Log in
Splunk does not require a login when using a Free license. An Enterprise license requires a login:
- For an individual server, the default Splunk username is admin and password is changeme.
- For the Splunk hosted demo server, the username and password are guest and guest.
Splunk Web
Splunk Web runs by default on port 8000 of the host on which it is installed.
- If you're running Splunk on your local machine, the URL to access Splunk Web is http://localhost:8000
- If you're running Splunk on a different machine, the URL to access Splunk Web is http://<hostname>:8000, where <hostname> is the name of the machine Splunk is running on.
Logging in to Splunk takes you to the dashboard and Splunk Web. For this tutorial, you only need to know that:
- You type your search query in the search bar at the top of the dashboard.
- The down-arrow button, to the left of the search bar, is a drop-down menu.
- The green button, to the right of the search bar, enters your search.
- You change the time range with the drop-down menu below the search box.
- Splunk displays the number of occurrences of your search results graphically on the timeline.
- Splunk lists each individual event that results from your search underneath the timeline, ordered by timestamp.
Read the other sections of the Splunk User Manual for more information.
Command line interface (CLI)
Splunk includes a command line interface (CLI) that runs from a shell on the server host. The Splunk CLI is a great way to integrate Splunk into admin scripts. Read "Use the Splunk CLI" for more information.
This documentation applies to the following versions of Splunk: 3.2, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.4, 3.4.1, 3.4.2, 3.4.3, 3.4.5, 3.4.6, 3.4.8, 3.4.9, 3.4.10, 3.4.11, 3.4.12, 3.4.13, 3.4.14