Digital Resilience Pays Off
Download this e-book to learn about the role of Digital Resilience across enterprises.
I spend a great deal of time using, learning and demonstrating Splunk, and recently I had some questions from users on “what can I do with fields?”, “how do i make them?”, “how do I tweak them?”. That inspired me to publish a new Splunk Ninja episode known as “Fields of Dreams”.
In this episode, Splunk Ninja gives an all out tour of “fields” in Splunk 4.0, how they work, how to use them, some tips and tricks as well.
The ability for Splunk to handle multiple data formats all in a single search index and do “search time field extraction” is unique to the marketplace.
Additionally, you’ll see me take fields and use them to assemble a transaction with Cisco PIX firewall logs. I use the “| transaction” search command to link and calculate the duration of outbound TCP connections.
Comments, suggestions, or new Splunk Ninja video ideas welcome!
Note: Often in blogs, this one, and on my site http://splunkninja.com the “fullscreen toggle” buttons don’t work properly on videos that are embedded. I shoot all of mine in 1280×720 (720p) resolution. If you would like to go directly to the episode so you can watch it in fullscreen or even download it, go here:
Splunk Ninja – Fields of Dreams
Tags: splunkninja, splunk, fields, transaction, video, ifx
----------------------------------------------------
Thanks!
Michael Wilde
The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.
Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.