Splunk® Enterprise

Search Tutorial

Download manual as PDF

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Download topic as PDF

What you need for this tutorial

You need to create a Splunk.com account, access the free trial Splunk software, and download the tutorial data files. There might be other prerequisites, depending on which Splunk platform you use.

Create a Splunk.com account

You need a Splunk.com account to download the free trial Splunk software. If you don't already have a Splunk.com account, you need to create an account. If you already have an account, you need to login to that account.

1. Go to http://www.splunk.com/.

2. Create an account, or login to an existing account.

  • To create an account, click My Account > Sign Up. Enter the registration information.
  • To log in to an existing account, click My Account > Login.

System requirements

Ensure that your computer meets the system requirements.

Splunk Enterprise

You can use this tutorial on Linux, Windows, and Mac OS. For this tutorial, your computer must meet the specifications listed in this table.
Requirement Minimum supported hardware capacity
Non-Windows platforms 1x1.4GHz CPU, 1GB RAM
Windows platforms Pentium 4 or equivalent at 2GHz, 2GB RAM
Web browser The latest versions of Chrome, Firefox, and Safari browsers are supported with Splunk Enterprise 6.0+

Splunk Cloud

You must have a Web browser. The latest versions of Chrome, Firefox, and Safari browsers are supported with Splunk Cloud.

Access the trial version of the Splunk software

For this tutorial, use the latest version of the software.

Splunk Enterprise

If it has been awhile since you downloaded the Splunk Trial software, download the trial software again. It is possible that the Trial license converted to a Free license. The Free license has some limitations. See Splunk trial licenses for more information.
1. Identify the installer that you want use with the tutorial.
Operating system Available installers For this tutorial
Linux 3 installers. An RPM download for RedHat, a DEB package for Debian Linux, and a TAR file installer. Use any of the installers.
Mac OS X 2 installers. A DMG package and a TAR file installer. Use the DMG packaged graphical installer.
Windows Splunk Enterprise: 2 installers. An MSI file and a compressed ZIP file. Use the MSI file graphical installer.
2. Download the free trial version of the installer for Splunk Enterprise.

Splunk Cloud

For this tutorial, setup a trial version of Splunk Cloud.
1. Start a trial version of Splunk Cloud.
2. Follow the prompts on the website. Your trial version opens in a browser window.
Additionally, an email is sent to you with information about your Splunk Cloud URL.

Download the tutorial data files

This tutorial uses a fictitious game store, called Buttercup Games, that sells games and related items in an online store.

You must download several data files to use with the tutorial. The data files contain web access log files, secure formatted log files, sales log files, and a price list in a CSV file.

1. Download the tutorialdata.zip file. Do not uncompress the tutorialdata.zip file.

2. Download the Prices.csv.zip file.

3. In the download location, uncompress the Prices.csv.zip file.

Splunk trial licenses

The trial licenses have time limitations and data volume limitations.

Splunk Enterprise

When you download Splunk Enterprise for the first time, you get an Enterprise Trial license for 60 days. This Enterprise Trial license includes all of the features, but limits the amount of data that you can index each day. The limit is 500MB.
After 60 days, the Enterprise Trial license converts to a Free license and some of the features, such as authentication and alerting, are disabled. The Free license also includes the 500MB each day of indexing volume, but has no expiration date.

Splunk Cloud

When you start a Splunk Cloud free trial, you have access to Splunk Cloud for 15 days. This Cloud trial license includes all of the features, but limits the amount of data that you can index each day. The limit is 5GB a day for a maximum of 50GB total.

Next step

The next step depends on the Splunk product that you are using.

Splunk Enterprise

You must install Splunk Enterprise.

Splunk Cloud

If you see a window welcoming you to the Splunk Free Cloud Trial and inviting you to Drop your data file here, close that window. You will upload the tutorial data In Part 3. For now, go to Navigating Splunk Web.

See also

System Requirements in the Installation Manual
Types of Splunk licenses in the Admin Manual

PREVIOUS
About the Search Tutorial
  NEXT
Install Splunk Enterprise on Linux, Windows, or Mac OS X

This documentation applies to the following versions of Splunk® Enterprise: 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 6.2.9, 6.2.10, 6.2.11, 6.2.12, 6.2.13, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.3.11, 6.3.12


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters