Splunk® Enterprise

Search Tutorial

Acrobat logo Download manual as PDF


Splunk Enterprise version 6.x is no longer supported as of October 23, 2019. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise.
This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Acrobat logo Download topic as PDF

Additional resources

This tutorial was a brief introduction to navigating the search interface and using the search language. It walked you through running some basic searches and saving the results as a report and dashboard, but you can do much more with Splunk Enterprise.

You can continue to use the tutorial data, run more searches, and create more dashboards.

The following sections provide additional information and links.

Sending us feedback

At the bottom of every page of this tutorial, and all of the Splunk documentation, is a quick form that you can use to send us feedback.

This screen image shows the"Was this topic useful" form at the bottom of each topic in the documentation.

Splunk Community

The Splunk Community is amazing. Splunk Answers. User groups. Blogs. Find other users and splunkers to chat with on EFNET IRC in the #splunk channel.

Everything you need is on the Community Portal.

Search resources

This tutorial was a brief introduction to navigating the search interface and using the search language. It walked you through running some basic searches and saving the results as a report and dashboard, but you can do much more with the Splunk software. For more details, see the following manuals:

  • Search Manual: Explains how to search and use the Splunk Search Processing Language (SPL). Look here for more thorough examples of writing Splunk searches to calculate statistics, evaluate fields, and report on search results.
  • Search Reference: Provides a reference for users who are looking for a catalog of the search commands with complete syntax, descriptions, and examples for usage.

Splunk documentation

Splunk has a wide range of documentation. Tutorials. Use case scenarios. Manuals for administrators, developers, and users. SDK and command syntax documentation.

There are separate manuals for searches, dashboards and visualizations, reports, pivots, and alerts.

You will find all of the information on the Splunk Documentation site.

Splunk Enterprise system requirements

The Search Tutorial presents a snapshot of the Splunk Enterprise system requirements. For an explanation of the requirements, see System Requirements in the Installation Manual.

Education

To learn more about Splunk Enterprise features and how to use them, see the Splunk selection of Education videos and classes.

Last modified on 01 August, 2016
PREVIOUS
Add more panels to the dashboard 		 

This documentation applies to the following versions of Splunk® Enterprise: 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.3.11, 6.3.12, 6.3.13, 6.3.14

Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters