Splunk is a powerful tool to collect, store, alert, report, and study machine data. This machine data usually comes from server logs, but it could also be collected from other sources. Splunk is, by far, the most flexible and scalable solution available to tackle the huge problem of making machine data useful.

The goal of the original version of this book was to serve as an organized and curated guide to Splunk 4.3. This version endeavors to preserve that objective, while focusing on the latest version (at the time of writing) of Splunk—6.2.0. In fact, care has been taken to call out the differences between the versions. In addition, new content has been added, covering search acceleration methods, backfilling, data replication, and Hunk. ...