
A Beginner's Primer

About Splunk

  • Software company

  • Search, monitor, analyze machine data

  • IT, applications, security, business analytics, industrial data

Mission Statement

“Make machine data accessible, usable, and valuable to everyone.”

Core Products

Splunk Enterprise

Splunk Cloud

Splunk Light

Why Splunk?

NUTS & BOLTS

Splunk Components

Splunk is broken down into 3 main components:

  • The Indexer
  • The Universal Forwarder
  • The Search Head

Splunk Deployment

The Indexer

An indexer is a Splunk Enterprise instance that indexes data.

The indexer is the Splunk Enterprise component that creates and manages indexes. The primary functions of an indexer are:

  • Indexing incoming data.
  • Searching the indexed data.

The Universal Forwarder

Forwarder

To get data to an indexer, you use forwarders, which are Splunk Enterprise instances that receive data inputs and then consolidate and send the data to a Splunk indexer.

Universal forwarders maintain a small footprint on their host machine.

They perform minimal processing on the incoming data streams before forwarding them on to an indexer, also known as the receiver.
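
An added example, not part of the original slides: a minimal configuration of the forwarder-to-indexer (receiver) path described above. The host names, monitored file, and index name are assumptions chosen for illustration; port 9997 is the conventional Splunk receiving port, not a value given in the slides.

```ini
# ---- On the universal forwarder ----
# $SPLUNK_HOME/etc/system/local/inputs.conf
# Data input the forwarder collects (hypothetical log path).
[monitor:///var/log/auth.log]
sourcetype = linux_secure
# Hypothetical index name; it must already be defined on the indexers.
index = os_linux

# $SPLUNK_HOME/etc/system/local/outputs.conf
# Where the forwarder sends what it collects.
[tcpout]
defaultGroup = primary_indexers

[tcpout:primary_indexers]
# Hypothetical indexer host names; the forwarder load-balances
# across the receivers listed here.
server = idx1.example.internal:9997, idx2.example.internal:9997

# ---- On each indexer (the receiver) ----
# $SPLUNK_HOME/etc/system/local/inputs.conf
# Listen for forwarded data on TCP 9997.
[splunktcp://9997]
disabled = 0
```

Restart Splunk on each host after editing these files so the changes take effect.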

The Search Head

Search heads manage searches.

They handle search requests from users and distribute the requests across the set of indexers, which search their local data.

The search head then consolidates the results from all of the indexers and serves them to the users.

USE CASES

Inventory monitoring

Performance monitoring

Event Correlation

Troubleshooting

Security reporting

Change tracking

etc.

CLOSING

Questions or Feedback?
