Splunk Enterprise administration
This topic lists common administrator tasks and directs you to the relevant topics within the associated manuals.
Install and upgrade Splunk Enterprise
The Installation Manual describes how to install and upgrade Splunk Enterprise.
| Task: | Look here: |
|---|---|
| Understand installation requirements | Installation overview |
| Estimate hardware capacity needs | Introduction to capacity planning for Splunk Enterprise |
| Install Splunk Enterprise | |
| Upgrade Splunk Enterprise | How to upgrade Splunk Enterprise |
| Perform backups |
Get data into Splunk Enterprise
Getting Data In describes the types of Splunk data inputs and how to get data into your Splunk deployment.
| Task: | Look here: |
|---|---|
| Learn how to consume external data | What data can I index? |
| Configure file and directory inputs | Monitor files and directories |
| Configure network inputs | Get data from TCP and UDP ports |
| Configure Windows inputs | Considerations for deciding how to monitor remote Windows data |
| Configure miscellaneous inputs |
Monitor First In, First Out (FIFO) queues Monitor changes to your file system Get data from APIs and other remote data interfaces through scripted inputs |
| Enhance the value of your data |
How timestamp assignment works |
| See how your data will look after indexing | The Set Sourcetype page |
| Improve the data input process | Use a test index to test your inputs |
| Understand the data pipeline | How data moves through Splunk Enterprise: the data pipeline |
Manage indexes and indexers
Managing Indexers and Clusters describes how to configure indexes and manage indexers, the components that maintain indexes.
| Task: | Look here: |
|---|---|
| Learn about indexing | Indexes, indexers, and indexer clusters |
| Manage indexes | About managing indexes |
| Manage index storage | How the indexer stores indexes |
| Back up indexes | Back up indexed data |
| Archive indexes | Set a retirement and archiving policy |
| Learn about clusters and index replication | About indexer clusters and index replication |
| Deploy clusters | Indexer cluster deployment overview |
| Configure clusters | Manager configuration overview |
| Manage clusters | View the manager dashboard |
| Learn about cluster architecture | Basic indexer cluster concepts for advanced users |
Scale Splunk Enterprise
The Distributed Deployment Manual describes how to distribute Splunk Enterprise functionality across multiple components, such as forwarders, indexers, and search heads.
| Task: | Look here: |
|---|---|
| Learn about Splunk Enterprise distributed deployments | Scale your deployment with Splunk Enterprise components |
| Perform capacity planning for Splunk deployments | Introduction to capacity planning for Splunk Enterprise |
| Learn how to forward data | About forwarding receiving |
| Distribute searches across multiple indexers | About distributed search |
| Deploy configuration updates across your environment | About deployment server and forwarder management |
Associated manuals cover distributed components in detail:
- For information on forwarders, see the Forwarding Data manual.
- For information on search heads, see the Distributed Search manual.
- To manage your deployment using the deployment server and forwarder management, see the Updating Splunk Enterprise Instances manual.
Secure Splunk Enterprise
Securing Splunk Enterprise describes how to secure your Splunk Enterprise deployment.
| Task: | Look here: |
|---|---|
| Authenticate users and edit roles | About user authentication |
| Secure Splunk data with SSL | About securing Splunk Web |
| Audit Splunk Enterprise |
Use Splunk Enterprise to audit your system activity |
| Use Single Sign-on (SSO) with Splunk Enterprise | About Single Sign-On using reverse proxy |
| Use Splunk Enterprise with LDAP | Set up user authentication with LDAP |
| Support and resources for Splunk Enterprise | Search and reporting |
This documentation applies to the following versions of Splunk® Enterprise: 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9, 7.0.10, 7.0.11, 7.0.13, 7.1.0, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 7.1.5, 7.1.6, 7.1.7, 7.1.8, 7.1.9, 7.1.10, 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.2.9, 7.2.10, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, 7.3.5, 7.3.6, 7.3.7, 7.3.8, 7.3.9, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.0.5, 8.0.6, 8.0.7, 8.0.8, 8.0.9, 8.0.10, 8.1.0, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.1.8, 8.1.9, 8.1.10, 8.1.11, 8.1.12, 8.1.13, 8.1.14, 8.2.0, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 8.2.5, 8.2.6, 8.2.7, 8.2.8, 8.2.9, 8.2.10, 8.2.11, 8.2.12, 9.0.0, 9.0.1, 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.0.6, 9.0.7, 9.0.8, 9.0.9, 9.0.10, 9.1.0, 9.1.1, 9.1.2, 9.1.3, 9.1.4, 9.1.5, 9.1.6, 9.2.0, 9.2.1, 9.2.2, 9.2.3, 9.3.0, 9.3.1
Download manual
Feedback submitted, thanks!