Summary

This chapter provided an overview of how configurations work and a commentary on the most common aspects of Splunk configuration. This is by no means a complete reference for these configurations, which I will leave to the official documentation. I find the easiest way to get to the official documentation for a particular file is to query your favorite search engine for splunk configname.conf.

In Chapter 11, Advanced Deployments, we will dig into distributed deployments, and look at how they are efficiently configured. What you have learned in this chapter will be vital to understanding what is considered best practice.

Get Implementing Splunk: Big Data Reporting and Development for Operational Intelligence now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Implementing Splunk: Big Data Reporting and Development for Operational Intelligence by Vincent Bumgarner

Summary

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly