Search Command>

Over a day in the life of a Splunk user, he or she probably uses less than 50% of the available Splunk commands. It may be that the most popular commands, such as stats, transaction, eval, top, timechart, chart, etc., are already sufficient for the types of manipulation and reporting that the use case requires. Another way to look at it is that the other commands are not being used because of their lack of high cardinality, and hence popularity, in the abundant Splunk blogs, documentation, wikis, and answers.

To raise awareness of the many commands that are not as widely used in the Splunk community, the field engineers at Splunk will, over the next few weeks and months, be introducing a blog entry per command. The blogs will be titled “Splunk Command> Name of the Command” to make them easy to find. Each entry will introduce a sample use case, sample data to use against the command, and a discussion of how to use the command to satisfy the use case.

What you, the Splunk user, will receive in return for reading a blog entry is new insight into your arsenal of Splunk commands, which can be applied to real use cases. The commands are already in the Splunk product, but an entertaining, useful discussion of some of the less-used commands will make your already productive life with Splunk even more productive.


Posted by Nimish Doshi

Nimish is Director, Technical Advisory for Industry Solutions providing strategic, prescriptive, and technical perspectives to Splunk's largest customers, particularly in the Financial Services Industry. He has been an active author of Splunk blog entries and Splunkbase apps for a number of years.