Splunk Docs: let us make an example of you


The Splunk doc team wants to improve our search command examples, and we need your help. Share your expertise! The best examples will be added to the Splunk documentation. If you submit a winning example, you will earn undying fame because we will credit you right in the docs.

Here are the search commands that would benefit from better, real-world examples.

  • abstract – Has only one basic example now.
  • addInfo – Has only one basic example now.
  • appendcols
  • bin/bucket
  • collect – This advanced command needs a great example.
  • dedup
  • delete – Are there other use case examples for this command besides what is there now?
  • eventstats
  • fields
  • foreach – Users find this complicated and hard to use, but this is a very useful command.
  • geom – Current examples have no descriptions.
  • inputcsv – We need a good, common use case for this command.
  • inputlookup
  • lookup – Has only one basic example now.
  • outputcsv – We need a good, common use case for this command. Has only one basic example now.
  • outputlookup
  • rangemap
  • regex
  • replace – When would you use this command versus using rex?
  • rex
  • script – Has only one basic example now.
  • search
  • streamstats
  • tstats – This advanced command needs a great example.
  • untable – A little-known, but useful command. Has only one basic example now.
  • where


How does the contest work?

  • Contest starts Monday, September 26th and ends Friday, September 30th.
  • Send your examples to Laura Stewart (lstewart at splunk dot com), or turn them in at the Doc booth at .conf. You can also talk with Laura at the .conf session she is delivering with Patrick Pablo: “Help! How do I get help with all things Splunk?”
  • Winners announced in October.


Ideal examples

  • Use an open source data set, so users can try out the examples. If you don’t have a worthy open data source, use the Buttercup Games data from the Search Tutorial or the USGS open data catalog.
  • Provide a comprehensive description for what each part of the search string is doing. Please include a use case or scenario description with your example.
  • Use multiple commands, with functions, for a more comprehensive, detailed example.
  • Include screen shots of the data before and after running the search.


What to submit with your example

  • Your name
  • Your email address
  • Which command is your example for?
  • Example use case or scenario
  • Example search string

Thanks, and good luck!

Christopher Gales

I manage the doc team at Splunk, which means I have the privilege of working with some of the best tech writers in the industry. We apply ourselves every day to help our customers be productive and confident when they use Splunk software. Community engagement is what makes Splunk docs great! I have been a member of the Center for Information-Development Management Advisory Council since 2013, and I have presented to global audiences about strategic planning, metrics, and community engagement. I live in the San Francisco Bay Area, have a family, and pride myself on knowing who to ask.