Splunk® Enterprise

Splunk Enterprise Overview

Download manual as PDF

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Download topic as PDF

Searching and Reporting

The Searching and Reporting app lets you search your data, create data models and pivots, save your searches and pivots as reports, configure alerts, and create dashboards.

Searching

The Search Manual discusses how to search and use the Search Processing Language (SPL). See the Search Reference for a catalog of the search commands with syntax, descriptions, and examples for each command.

Task: Look here:
You are new to Splunk Enterprise and want to learn how to search and use the search processing language Start with the Search Tutorial
Learn more about the search processing language Get started with Search

About the search language

Understanding SPL syntax

About transforming commands and searches

About real-time searches and reports

Find a specific search command or function Command quick reference

Search commands by category

Evaluation functions

Statistical and charting functions

Manage search jobs About jobs and jobs management

View search job properties

Creating Pivots

The Knowledge Manager Manual includes a section that discusses how to design and build data models using the data model editor. The Pivot Manual discusses how to build pivots tables and charts.

Task: Look here:
You are new to Splunk Enterprise and want to learn about data model and pivot Pivot Tutorial
Learn about data models and how to build them About data models
Learn more about Pivot and how to use the Pivot Editor to design tables and charts. Pivot Manual

Reporting

See more about reports and report management in the Reporting Manual.

Task: Look here:
Use search commands to generate reports About transforming commands and searches
Learn about the different kinds of visualizations (tables, charts, event listings, and so on) Dashboards and Visualizations

Data structure requirements for visualizations

Save a search or pivot as a report Create and edit reports
Accelerate a report

Understand requirements for report acceleration

Accelerate reports
Schedule a report Schedule reports
Generate a PDF of your report Generate PDFs of your reports and dashboards

Alerting

See how to create and dispatch alerts in the Alerting Manual.

Task: Look here:
Learn about alerts About alerts
Set up email notifications, RSS notifications, or alert scripts Set up alert actions
See alerting examples Alert Examples
See recently triggered alerts Review triggered alerts using the Alert Manager
Set up alerts using the configuration files Configure alerts in savedsearches.conf

Creating dashboards and visualizations

Task: Look here:
Learn about creating and editing dashboards Dashboard overview
Learn about the different kinds of visualizations (tables, charts, event listings, and so on) Visualization Reference
Learn about the default activity and summary dashboards Splunk Enterprise summary dashboard
Learn about the Splunk Web Framework Splunk Web Framework Overview
PREVIOUS
Splunk Enterprise administration
  NEXT
Manage Splunk Enterprise knowledge

This documentation applies to the following versions of Splunk® Enterprise: 6.5.0, 6.5.1, 6.5.1612 (Splunk Cloud only), 6.5.2, 6.5.3, 6.5.4, 6.5.5, 6.5.6, 6.5.7, 6.5.8, 6.5.9, 6.5.10, 6.6.0, 6.6.1, 6.6.2, 6.6.3, 6.6.4, 6.6.5, 6.6.6, 6.6.7, 6.6.8, 6.6.9, 6.6.10, 6.6.11, 6.6.12, 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9


Comments

"Set up email notifications, RSS notifications, or alert scripts"
After clicking on the link to "Set up alert actions", the next page has no mention of RSS. Is this feature still available?

Spammenot66
March 16, 2018

Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters