Default category for everything else Splunk related.

Build a Simple Splunk Indexer Cluster

Disclaimer: This guide is to show a very simple step by step walk through of how to install and configure a Splunk Indexer Cluster. In my lab environment I am [...]

Searching Your Searches

This is a straight-forward dashboard with a straight-forward problem to solve. I had a customer who was about to undertake a massive overhaul of their [...]

Getting Started With Tstats & Accelerated Data Models – Part 3

Once your data model has been accelerated it is time to start writing SPL queries to take advantage of the recently accelerated data. There are many methods to [...]

Getting Started With Tstats & Accelerated Data Models – Part 2

You’ve decided tstats and DMA is a good fit for you, or at least worth checking out. Excellent, let’s jump right into it! Web analytics, now faster! In [...]

Getting Started With Tstats & Accelerated Data Models – Part 1

If you haven’t used tstats and data model acceleration (DMA) yet, it’s time to start! Splunk slides aren’t marketing fluff claiming false information [...]

Splunk Certification Program Relaunch

Splunk Announcement If you haven't heard yet, there is a major re-work of Splunk Certifications. Splunk announced a major upgrade to their certification [...]

Torture the Data and it will Confess to Anything

Welcome to blogs.gosplunk.com! This is the all encompassing area where we take a deep dive into various experiments, guides, and just all around geeky things [...]