
Manuals for the Splunk administrator
This Admin manual is one of several books with important information and procedures for the Splunk administrator.
If you're responsible for configuring, running, and maintaining Splunk as a service for yourself or other users, start with this book. Then go to these other manuals for details on specific areas of Splunk administration:
- Getting Data In
- Managing Indexers and Clusters
- Distributed Deployment
- Security
- Troubleshooting
- Installation
Here's a breakdown of the information you can find in this important set of books:
Manual | What it covers | Key topic areas |
---|---|---|
Getting Data In | Specifying data inputs and improving how Splunk handles data | How to get data into Splunk Configure event processing Preview your data |
Managing Indexers and Clusters | Managing Splunk indexers and clusters of indexers | About indexing and indexers Manage indexes Back up and archive your indexes About clusters and index replication Deploy clusters |
Distributed Deployment | Scaling your deployment to fit the needs of your enterprise, with details on Splunk distributed components such as forwarders, search heads, and deployment servers | Distributed Splunk overview Forward data Search across multiple indexers Deploy updates across your environment |
Securing Splunk | Data security and user authentication | User authentication and roles About securing Splunk with SSL Auditing |
Troubleshooting | Solving problems | First steps Splunk log files Some common scenarios |
Installation | Installing and upgrading Splunk | System requirements Step by step installation procedures How to upgrade Splunk |
The topic "Learn to administer Splunk" provides more detailed guidance on where to go to read about specific admin tasks.
Other books of interest to the Splunk administrator
In addition to the manuals that describe the primary administration tasks, you might want to visit other manuals from time to time, depending on the size of your Splunk installation and the scope of your responsibilities. These are other manuals in the Splunk core documentation set:
- Splunk Tutorial! This manual provides an introduction to using Splunk.
- Knowledge Manager. This manual describes how to manage Splunk knowledge objects, such as event types, tags, lookups, field extractions, workflow actions, saved searches, and views.
- Alerting. This manual describes Splunk's alerting and monitoring functionality.
- Data Visualizations. This manual describes the range of visualizations that Splunk provides.
- Search. This manual tells you how to search and how to use the Splunk search language.
- Search Reference. This reference contains a detailed catalog of the Splunk search commands.
- Developing Views and Apps for Splunk Web. This manual explains how to develop views and apps using advanced XML. It also contains other developer topics, such as custom scripts and extending Splunk.
- REST API Reference. This manual provides information on all publicly accessible REST API endpoints.
- Release Notes. Look here for information about new features, known issues, and fixed problems.
The larger world of Splunk documentation
For links to the full set of Splunk core documentation, including the manuals listed above, visit: Splunk core documentation.
To access all the Splunk documentation, including manuals for apps, go to this page: Welcome to Splunk documentation.
NEXT Learn to administer Splunk |
This documentation applies to the following versions of Splunk® Enterprise: 5.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.6, 5.0.7, 5.0.8, 5.0.9, 5.0.10, 5.0.11, 5.0.12, 5.0.13, 5.0.14, 5.0.15, 5.0.16, 5.0.17, 5.0.18
Comments
This link seems to be broken: http://docs.splunk.com/Documentation/Splunk/5.0.3/Security/SecureaccesstoSplunkwithHTTPS
Thanks for the heads up, I've fixed the link.