splunk

 

 

 

1. Introduction

Overview

A data platform built for expansive data access, powerful analytics and automation.

Splunk Platform

Splunk Enterprise: Search, analysis and visualization for actionable insights from all of your data

Splunk Cloud: petabyte-scale data analytics across the hybrid cloud.

2. Demo

3. Architecture

3.1. How Splunk works?

Splunk Enterprise performs three key functions as it processes data:

1.ingest data from files, the network, or other sources.

2.parse and indexes the data.

3.run searches on the indexed data.

Types of deployments

Single-instance deployments

One instance of Splunk Enterprise handles all aspects of processing data,from input through indexing to search.

Distributed deployments

In a typical distributed deployment, each Splunk Enterprise instance performs a specialized task and resides on one of three processing tiers corresponding to the main processing functions:

Data input tier

Indexer tier

Search management tier

Splunk Enterprise Components

Specialized instances of Splunk Enterprise are known collectively as compenents. Components are full Splunk Enterprise instances that have been configured to focus on one or more specific functions, such as indexing or search.

 

Ther