A technical overview of Splunk Enterprise and its features and documentation.
Includes information about new features, known issues, and fixed problems.
How to install or migrate Splunk Enterprise. Includes system migration requirements and licensing information.
If you are new to Splunk Enterprise, start here. Guides you through adding data, searching data, and creating simple dashboards.
If you are new to Splunk 6, start here. Guides you through adding data, building simple data models, and creating new pivots.
Starting point for Splunk Enterprise administration. Includes information about managing licenses, configuring Splunk Enterprise, and using the command-line interface. Includes a complete reference to all Splunk Enterprise configuration files.
How to create and dispatch alerts that are triggered when specific conditions are met.
Create and edit dashboards by using Splunk Enterprise interactive editors and simple XML source code. Includes information about visualizations that you can use to show search results. Also includes a reference to simple XML for dashboards and a chart configuration reference.
How to create Splunk Enterprise apps, use scripted inputs and modular inputs, extend Splunk Enterprise, and other advanced development topics. Also contains information about using advanced XML for the Splunk Enterprise module system.
How to distribute Splunk Enterprise functionality across multiple servers by using components such as forwarders, indexers, and search heads.
How to distribute searches across multiple Splunk Enterprise indexers by using search heads.
How to use forwarders to get data into Splunk Enterprise.
How to get data into Splunk Enterprise and ensure that Splunk Enterprise indexes your machine data efficiently and effectively.
How to use and maintain Splunk Enterprise knowledge objects such as event types, tags, lookups, field extractions, workflow actions, reports, and views, as well as the creation and management of data models.
How to configure and manage Splunk Enterprise indexers and clusters of indexers.
Includes the module system extension dictionary and APIs.
Includes the Splunk Web infrastructure layer for building custom apps using the module system.
How to use Pivot to create tables and charts without the use of the Splunk Search Processing Language (SPL™).
How to save and manage searches and pivots as a report. Includes report acceleration, report scheduling, and printing reports as PDFs.
Includes reference documentation about publicly accessible Splunk Enterprise REST API endpoints.
How to search and use the Splunk Search Processing Language. Includes examples of searches to calculate statistics, evaluate fields, and report on search results.
Catalog of the search commands that make up the Splunk Enterprise search processing language (SPL) with complete syntax, descriptions, and examples for each search command. Includes a Search Command Cheat Sheet for quick reference.
How to create and authenticate users, configure SSL, use audit features to secure your data, and harden Splunk Enterprise instances to reduce vulnerability and risk.
How to analyze activity and diagnose problems with Splunk Enterprise.
How to use deployment server and forwarder management to update Splunk Enterprise distributed instances, such as forwarders and indexers.