Chapter 10. Tweaking Splunk
We have already learned some important features of Splunk, creating analytics and visualizations, along with various dashboard customization techniques. Now we will learn about various ways we can tweak Splunk so that we can get the most out of it and that to efficiently. In this chapter we will learn various management and customization techniques for using Splunk in the best possible way.
In this chapter, we will cover the following topics in detail, along with example and uses.
- Index replication
- Indexer auto-discovery
- Sourcetype manager
- Field extractor
- Search history
- Event pattern detection
- Data acceleration
- Splunk buckets
- Search optimizations
- Splunk health
Index replication
Splunk supports a %distributed environment. Now, when ...
Get Splunk: Enterprise Operational Intelligence Delivered now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
