What's in this manual
This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
What's in this manual
In this manual, you'll find information and procedures for the Splunk enterprise user—if you use Splunk to investigate problems and report on results, this is the manual for you.
Continue reading to:
- learn how to add data to your indexes
- start searching with terms, Boolean expressions, and fields
- learn how to use the search results and timeline to interactively narrow your search
- learn how to save event types, extract new fields, and tag field values
- learn how to save searches and set alert conditions for scheduled searches
- start building reports and charts to save and share with others
if you want to just jump right in and start searching, see the Search command cheat sheet for a quick reference complete with descriptions and examples.
Make a PDF
If you'd like a PDF of any version of this manual, click the pdf version link above the table of contents bar on the left side of this page. A PDF version of the manual is generated on the fly for you, and you can save it or print it out to read later.
This documentation applies to the following versions of Splunk: 4.0 , 4.0.1 , 4.0.2 , 4.0.3 , 4.0.4 , 4.0.5 , 4.0.6 , 4.0.7 , 4.0.8 , 4.0.9 , 4.0.10 , 4.0.11 View the Article History for its revisions.