Splunk® Enterprise

Search Tutorial

Download manual as PDF

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Download topic as PDF

Additional resources

This tutorial was a brief introduction to navigating the search interface and using the search language. It walked you through running some basic searches and saving the results as a report and dashboard, but you can do much more with Splunk Enterprise.

You can continue to use the tutorial data, run more searches, and create more dashboards.

The following sections provide additional information and links.

Sending us feedback

At the bottom of every page of this tutorial, and all of the Splunk documentation, is a quick form that you can use to send us feedback.

This screen image shows the"Was this topic useful" form at the bottom of each topic in the documentation.

Splunk Community

The Splunk Community is amazing. Splunk Answers. User groups. Blogs. Find other users and splunkers to chat with on EFNET IRC in the #splunk channel.

Everything you need is on the Community Portal.

Search resources

This tutorial was a brief introduction to navigating the search interface and using the search language. It walked you through running some basic searches and saving the results as a report and dashboard, but you can do much more with the Splunk software. For more details, see the following manuals:

  • Search Manual: Explains how to search and use the Splunk Search Processing Language (SPL). Look here for more thorough examples of writing Splunk searches to calculate statistics, evaluate fields, and report on search results.
  • Search Reference: Provides a reference for users who are looking for a catalog of the search commands with complete syntax, descriptions, and examples for usage.

Splunk documentation

Splunk has a wide range of documentation. Tutorials. Use case scenarios. Manuals for administrators, developers, and users. SDK and command syntax documentation.

There are separate manuals for searches, dashboards and visualizations, reports, pivots, and alerts.

You will find all of the information on the Splunk Documentation site.

Splunk Enterprise system requirements

The Search Tutorial presents a snapshot of the Splunk Enterprise system requirements. For an explanation of the requirements, see System Requirements in the Installation Manual.

Education

To learn more about Splunk Enterprise features and how to use them, see the Splunk selection of Education videos and classes.

Retrieved from "https://docs.splunk.com/index.php?title=Documentation:Splunk:SearchTutorial:MoreSplunk:6.2beta&oldid=880425"
PREVIOUS
Add more panels to the dashboard 		 

This documentation applies to the following versions of Splunk® Enterprise: 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 6.2.9, 6.2.10, 6.2.11, 6.2.12, 6.2.13, 6.2.14, 6.2.15, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.3.11, 6.3.12, 6.3.13, 6.3.14

Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters