Splunk® Light

Getting Started Manual

Download manual as PDF

This documentation does not apply to the most recent version of SplunkLight. Click here for the latest version.
Download topic as PDF

Splunk Light features

Splunk Light delivers log search and analysis for individuals, small businesses, and work groups within larger organizations. It provides monitoring and troubleshooting solutions for the system administrators, support analysts, application teams, and developers who work with logs and are responsible for multiple use cases across multiple platforms.

Key features and capabilities

Indexing

Add data from a variety of sources: upload files to Splunk Light, monitor files or directories, receive data from Splunk Forwarders, or enable pre-defined data sources from Splunk Add-ons. You can index logs, clickstream data, configurations, traps and alerts, messages, scripts, performance data and statistics from your applications, servers, mainframes and network devices—physical, virtual and in the cloud. See About adding data to Splunk Light in the Getting Started Manual.

Freeform search

Freeform search supports intuitive Boolean, nested, quoted string and wildcard searches familiar to anyone comfortable on the web. Includes real-time search, timerange search, and transaction-level search.

Monitor and alerting

Monitor for specific conditions and correlate events from multiple data sources across your IT infrastructure so you can monitor more meaningful and complex events.

Reporting and analysis

Generate reports on an immense amount of data instantly. Provides access to key data for a specified time window to make business-critical, real time decisions. Easily report on search results and on correlated events.

Custom Dashboards

Create custom dashboards and interactive views for different types of users, technical and non-technical. Integrate reports with search results. Edit dashboards using a simple drag-and-drop interface.

Add-ons

You can extend the capabilities of Splunk Light by installing and enabling additional Splunk Add-ons. Splunk Light includes a set of add-ons that you can install and enable to configure new data inputs. You can also browse Splunkbase for more Splunk Light compatible add-ons to install. See Configure an add-on to add data in Splunk Light in the Getting Started Manual.

Splunk Light Free versus Splunk Light

The following table lists the Splunk Light features enabled by the license type.

Features Splunk Light Free Splunk Light
Daily Indexing Volume Up to 500MB Up to 20GB
Search and Reporting Yes Yes
Dashboards Yes Yes
Alerting No Yes
Accounts 1 Admin Up to 5, Admin and User
Add-ons Yes Yes

See About Splunk Light licensing in the Installation Manual.

Differences between Splunk Light and Splunk Enterprise

Features Splunk Enterprise Splunk Light
Maximum daily indexing volume Unlimited 20GB
Maximum users Unlimited 5
Data collection add-ons Yes Yes
Apps Yes No
Monitoring and alerting Yes Yes
Dashboards and reports Yes Yes
Search and analysis Yes Yes
Automatic data enrichment Yes Yes
Anomaly detection Yes Yes
Scalability Unlimited Single Server
Access control Customizable User and Admin only


See Splunk Light versus Splunk Enterprise Comparison.

Upgrade to Splunk Enterprise

You can upgrade and migrate from Splunk Light to Splunk Enterprise. See About upgrading and migrating Splunk Light in the Installation Manual.

PREVIOUS
About the Splunk Light Getting Started Manual
  NEXT
Start Splunk Light and log into Splunk Web

This documentation applies to the following versions of Splunk® Light: 6.5.0, 6.5.1, 6.5.2, 6.5.3, 6.5.1612 (cloud service only), 6.6.0, 6.6.1, 6.6.2, 6.6.3


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters