title
Log Analysis with Splunk | How to use Splunk to analyse a Real time Log | Splunk Use Cases | Edureka

description
🔥 Splunk Training & Certification (Use Code: YOUTUBE20): https://www.edureka.co/splunk-certification-training
This Edureka "Log Analysis with Splunk" video will help you understand what log analysis and monitoring are and why they are needed. It then explains why Splunk is used for log analysis and how it works, in detail and with use cases. Finally, it shows the installation along with a demo of Windows Event Log analysis with Splunk.

The following topics are covered in the Log Analysis and Splunk video:
00:01:30 Introduction to Log Analysis and Monitoring
00:05:43 Need for Log Analysis and Monitoring
00:08:04 What is Splunk?
00:09:27 Why Splunk for Log Analysis and Monitoring?
00:10:31 How Splunk Works
00:12:04 Steps of Log Analysis and Monitoring with Splunk
00:12:32 Splunk Log Analysis and Monitoring - Use Cases
00:14:41 Installation
00:23:57 Demo
-------------------------------------------------
🔹 Check out our complete "Splunk - Monitoring Tools" playlist here: https://bit.ly/2RKsliR
🔴 Subscribe to our channel to get video updates. Hit the subscribe button above: https://goo.gl/6ohpTV
📌 Telegram: https://t.me/edurekaupdates
📌 Twitter: https://twitter.com/edurekain
📌 LinkedIn: https://www.linkedin.com/company/edureka
📌 Instagram: https://www.instagram.com/edureka_learning/
📌 Facebook: https://www.facebook.com/edurekaIN/
📌 SlideShare: https://www.slideshare.net/EdurekaIN
📌 Castbox: https://castbox.fm/networks/505?country=IN
📌 Meetup: https://www.meetup.com/edureka/
📌 Community: https://www.edureka.co/community/
#edureka #splunktrainingcertification #edurekasplunk #splunktutorial #introductiontosplunk #loganalysiswithsplunk #splunklogmonitoring #windowseventloganalysisusingsplunk #splunkloganalysis #loganalysis #logmonitoring #splunkinstallation #splunkedureka #edurekatraining #edurekacertification #splunkarchitecture #splunk
--------- Edureka Online Training and Certification ---------
🔵 DevOps Online Training: http://bit.ly/3qqcotZ
🌕 Python Online Training: http://bit.ly/3i7DiDD
🔵 AWS Online Training: http://bit.ly/39EOIv9
🌕 RPA Online Training: http://bit.ly/39t6MrE
🔵 Data Science Online Training: http://bit.ly/3bywuOu
🌕 Big Data Online Training: http://bit.ly/35ADG8L
🔵 Java Online Training: http://bit.ly/35Avwxb
🌕 Selenium Online Training: http://bit.ly/2Ltn4ZE
🔵 PMP Online Training: http://bit.ly/2LMP3mT
🌕 Tableau Online Training: http://bit.ly/38z4oR9
🔵 Microsoft Azure Online Training: https://bit.ly/3wsAhV4
🌕 Power BI Online Training: https://bit.ly/3zq1WHX
--------- Edureka Masters Programs ---------
🔵 DevOps Engineer Masters Program: http://bit.ly/2MY1OMc
🌕 Cloud Architect Masters Program: http://bit.ly/2MY1OMc
🔵 Data Scientist Masters Program: http://bit.ly/3qaVZJA
🌕 Big Data Architect Masters Program: http://bit.ly/3qaVZJA
🔵 Machine Learning Engineer Masters Program: http://bit.ly/3bxAhLG
🌕 Business Intelligence Masters Program: http://bit.ly/3byBhiS
🔵 Python Developer Masters Program: http://bit.ly/3nw4Rb2
🌕 RPA Developer Masters Program: http://bit.ly/3nw4Rb2
-------------------------------------------------------
About the Splunk Training & Certification course by Edureka
This Splunk Power User and Admin Certification Training covers the concepts required for both Splunk Power Users and Splunk Administrators. By the end of this training, you will understand both roles and their responsibilities and be ready for implementation. The training helps you work with configuration files and settings, use searching and reporting commands, use the various knowledge objects, and finally create dashboards for visualization with the help of real-life use cases.
- - - - - - - - - - - - - - - - - - -
Why should you go for Splunk Training & Certification by Edureka?
Splunk is a leading analytics tool used for server monitoring, data analytics and data visualization. Splunk captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations. This training certifies you for the top-paying Splunk Admin/Power User jobs. This training also makes Splunk the ideal strategic platform for companies looking to solve data analytics issues of any size.
---------------------------------------------------------------
What will you learn in the Splunk Training & Certification course?
After completing our Splunk Power User & Admin training, you should be able to:
- Understand Splunk Power User/Admin concepts
- Apply various Splunk techniques to visualize data using different graphs and dashboards
- Implement Splunk in the organization to analyze and monitor systems for operational intelligence
- Configure alerts and reports for monitoring purposes
---------------------------------------------------------------
For more information, please write to us at sales@edureka.co or call us at IND: 9606058406 / US: 18338555775 (toll-free)

detail
{'title': 'Log Analysis with Splunk | How to use Splunk to analyse a Real time Log | Splunk Use Cases | Edureka', 'heatmap': [{'end': 1509.958, 'start': 1438.804, 'weight': 1}, {'end': 1612.687, 'start': 1542.506, 'weight': 0.826}, {'end': 2090.819, 'start': 2018.093, 'weight': 0.707}], 'summary': "Covers log analysis and monitoring with splunk, emphasizing its role in interpreting computer-generated records for it infrastructure insight, introducing splunk's features, installation, setup, report creation, and log analysis, with 313 events found and 5 hosts recorded.", 'chapters': [{'end': 87.002, 'segs': [{'end': 87.002, 'src': 'embed', 'start': 46.867, 'weight': 0, 'content': [{'end': 53.248, 'text': 'We will move ahead by understanding how Splunk works and the steps of log analysis and monitoring with Splunk.', 'start': 46.867, 'duration': 6.381}, {'end': 58.189, 'text': 'Then I will discuss some of the use cases of Splunk log analysis and monitoring.', 'start': 53.648, 'duration': 4.541}, {'end': 63.671, 'text': 'Then, I will discuss some of the use cases of Splunk log analysis and monitoring.', 'start': 58.869, 'duration': 4.802}, {'end': 72.675, 'text': 'And before wrapping up the session, I will show you the installation along with a small demo of how to use Splunk for log analysis and monitoring.', 'start': 64.251, 'duration': 8.424}, {'end': 77.537, 'text': 'Meanwhile, subscribe to our channel and hit the bell icon to never miss an update.', 'start': 73.276, 'duration': 4.261}, {'end': 84.541, 'text': 'And also, if you are looking for Splunk training and certification, check out the link given in the description box.', 'start': 77.978, 'duration': 6.563}, {'end': 87.002, 'text': "So, let's begin without further ado.", 'start': 85.061, 'duration': 1.941}], 'summary': 'Learn about splunk log analysis and monitoring, including use cases and installation demo.', 'duration': 40.135, 'max_score': 46.867, 'thumbnail': 
'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE46867.jpg'}], 'start': 7.282, 'title': 'Log analysis with splunk', 'summary': 'Introduces log analysis and monitoring with splunk, covering the need, advantages, working process, use cases, and a demonstration of splunk for log analysis and monitoring.', 'chapters': [{'end': 87.002, 'start': 7.282, 'title': 'Log analysis with splunk', 'summary': 'Introduces log analysis and monitoring with splunk, covering the need, advantages, working process, use cases, and a demonstration of splunk for log analysis and monitoring.', 'duration': 79.72, 'highlights': ['The session covers the need, advantages, and use cases of using Splunk for log analysis and monitoring, providing comprehensive insights for the viewers.', 'The presenter will demonstrate the installation process and provide a small demo of how to use Splunk for log analysis and monitoring, offering practical guidance to the audience.', 'The agenda includes introducing log analysis and monitoring, explaining what Splunk is, and discussing the steps of log analysis and monitoring with Splunk, ensuring a thorough understanding of the topic.', 'The session also encourages viewers to subscribe for updates and offers information about Splunk training and certification, aiming to engage the audience and provide further learning opportunities.']}], 'duration': 79.72, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE7282.jpg', 'highlights': ['The session covers the need, advantages, and use cases of using Splunk for log analysis and monitoring, providing comprehensive insights for the viewers.', 'The agenda includes introducing log analysis and monitoring, explaining what Splunk is, and discussing the steps of log analysis and monitoring with Splunk, ensuring a thorough understanding of the topic.', 'The presenter will demonstrate the installation process and provide a small 
demo of how to use Splunk for log analysis and monitoring, offering practical guidance to the audience.', 'The session also encourages viewers to subscribe for updates and offers information about Splunk training and certification, aiming to engage the audience and provide further learning opportunities.']}, {'end': 472.265, 'segs': [{'end': 189.935, 'src': 'embed', 'start': 163.032, 'weight': 0, 'content': [{'end': 171.56, 'text': 'Examples of logs might include sign-in and sign-out requests on a website, transactions made on a currency exchange,', 'start': 163.032, 'duration': 8.528}, {'end': 176.785, 'text': 'calls made to an informational API and various other industry-specific actions.', 'start': 171.56, 'duration': 5.225}, {'end': 189.935, 'text': 'Log analysis gives visibility into the performance and health of IT infrastructure and application stacks through the review and interpretation of logs that are generated by network operating systems,', 'start': 177.526, 'duration': 12.409}], 'summary': 'Log analysis provides visibility into it infrastructure and application performance through review and interpretation of various industry-specific logs.', 'duration': 26.903, 'max_score': 163.032, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE163032.jpg'}, {'end': 472.265, 'src': 'embed', 'start': 396.393, 'weight': 2, 'content': [{'end': 406.297, 'text': 'Log file analysis can demonstrate that HIPAA, PCI or GDPR or other regulations mandates are in fact being met by the organizations.', 'start': 396.393, 'duration': 9.904}, {'end': 415.584, 'text': 'Discussing about security enhancements, as cybercrime becomes increasingly organized, the need for stronger countermeasures also grows.', 'start': 406.917, 'duration': 8.667}, {'end': 426.353, 'text': 'Event log analysis provides powerful tools for taking proactive measures and enables forensic examinations after the fact if a breach or data loss does occur.', 
'start': 416.085, 'duration': 10.268}, {'end': 431.799, 'text': 'A log analysis framework helps improve efficiency across the organization.', 'start': 427.094, 'duration': 4.705}, {'end': 439.306, 'text': "IT resources in every department can share a single log repository and analysis of an organization's data.", 'start': 432.439, 'duration': 6.867}, {'end': 444.871, 'text': 'especially the log data, can help spot errors or trends in every business unit and department.', 'start': 439.306, 'duration': 5.565}, {'end': 447.392, 'text': 'enabling rapid remediation.', 'start': 445.351, 'duration': 2.041}, {'end': 454.616, 'text': 'Talking about high availability, so timely action that occurs, based on information uncovered by log analysis,', 'start': 447.852, 'duration': 6.764}, {'end': 456.997, 'text': 'can prevent an issue from causing downtime.', 'start': 454.616, 'duration': 2.381}, {'end': 465.301, 'text': 'Talking about the sales and marketing effectiveness by tracking metrics such as traffic volume and the pages that customers visit.', 'start': 457.477, 'duration': 7.824}, {'end': 472.265, 'text': 'log analysis can help sales and marketing professionals understand what programs are effective and what should be changed.', 'start': 465.301, 'duration': 6.964}], 'summary': 'Log analysis aids in meeting regulations, enhancing security, and improving efficiency across departments.', 'duration': 75.872, 'max_score': 396.393, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE396393.jpg'}], 'start': 87.722, 'title': 'Log analysis', 'summary': 'Provides an introduction to log analysis, elucidating its role in interpreting computer-generated records for insight into IT infrastructure and its applications across industries. 
it further explains log monitoring and analysis, highlighting the benefits including compliance, security enhancements, efficiency, high availability, and sales and marketing effectiveness.', 'chapters': [{'end': 189.935, 'start': 87.722, 'title': 'Introduction to log analysis', 'summary': 'Introduces the concept of log analysis as the process of interpreting computer-generated records called logs, providing visibility into the performance and health of it infrastructure and application stacks, and its applications in various industries.', 'duration': 102.213, 'highlights': ['Log analysis is the process of interpreting computer-generated records called logs. Log analysis is the process of interpreting computer-generated records called logs, providing visibility into the performance and health of IT infrastructure and application stacks.', 'It involves a large amount of data and gives visibility into the performance and health of IT infrastructure and application stacks. Log analysis involves a large amount of data and gives visibility into the performance and health of IT infrastructure and application stacks.', 'Applications of log analysis are endless, including sign-in/sign-out requests on a website, transactions on a currency exchange, calls to an informational API, and other industry-specific actions. 
Log analysis has endless applications, including sign-in/sign-out requests on a website, transactions on a currency exchange, calls to an informational API, and other industry-specific actions.']}, {'end': 472.265, 'start': 189.935, 'title': 'Log monitoring and analysis', 'summary': 'Explains log monitoring and analysis, the process of logging, log management software, the difference between log analysis and log monitoring, the need for log analysis and monitoring, and the benefits of log monitoring and analysis which include compliance, security enhancements, efficiency, high availability, sales, and marketing effectiveness.', 'duration': 282.33, 'highlights': ['Log file analysis can demonstrate that HIPAA, PCI or GDPR or other regulations mandates are in fact being met by the organizations. Log file analysis helps organizations demonstrate compliance with regulations such as HIPAA, PCI, or GDPR, ensuring that mandates are met.', 'Event log analysis provides powerful tools for taking proactive measures and enables forensic examinations after the fact if a breach or data loss does occur. Event log analysis enables proactive measures and forensic examinations after a breach, enhancing security measures.', 'A log analysis framework helps improve efficiency across the organization, enabling rapid remediation. Log analysis framework improves organizational efficiency and facilitates rapid issue resolution.', 'Timely action that occurs, based on information uncovered by log analysis, can prevent an issue from causing downtime. Timely action based on log analysis can prevent issues from causing downtime, ensuring high availability.', 'Log analysis can help sales and marketing professionals understand what programs are effective and what should be changed. 
Log analysis aids in understanding the effectiveness of sales and marketing programs, facilitating necessary changes.']}], 'duration': 384.543, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE87722.jpg', 'highlights': ['Log analysis provides visibility into the performance and health of IT infrastructure and application stacks.', 'Log analysis has endless applications, including sign-in/sign-out requests on a website, transactions on a currency exchange, calls to an informational API, and other industry-specific actions.', 'Log file analysis helps organizations demonstrate compliance with regulations such as HIPAA, PCI, or GDPR, ensuring that mandates are met.', 'Event log analysis enables proactive measures and forensic examinations after a breach, enhancing security measures.', 'Log analysis framework improves organizational efficiency and facilitates rapid issue resolution.', 'Timely action based on log analysis can prevent issues from causing downtime, ensuring high availability.', 'Log analysis aids in understanding the effectiveness of sales and marketing programs, facilitating necessary changes.']}, {'end': 928.114, 'segs': [{'end': 532.563, 'src': 'embed', 'start': 509.128, 'weight': 1, 'content': [{'end': 517.35, 'text': 'As we know Splunk is a horizontal technology used for application management, security and compliance as well as business and web analytics.', 'start': 509.128, 'duration': 8.222}, {'end': 526.237, 'text': 'So there are basically three categories of the product available which are Splunk Enterprise, Splunk Cloud and Splunk Lite.', 'start': 517.99, 'duration': 8.247}, {'end': 532.563, 'text': 'So Splunk Enterprise is used by companies which have large IT infrastructure and IT driven business.', 'start': 526.658, 'duration': 5.905}], 'summary': 'Splunk is a horizontal technology with three categories: splunk enterprise, splunk cloud, and splunk lite.', 'duration': 23.435, 'max_score': 
509.128, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE509128.jpg'}, {'end': 587.938, 'src': 'embed', 'start': 555.64, 'weight': 2, 'content': [{'end': 559.683, 'text': 'report and alert on all the log data in real time from one place.', 'start': 555.64, 'duration': 4.043}, {'end': 564.546, 'text': 'It has limited features and functionalities as compared to the other two versions.', 'start': 560.143, 'duration': 4.403}, {'end': 575.612, 'text': 'Now let me tell you the reasons why one should use Splunk for log analysis and monitoring as it analyzes the aggregate of logs from a big service cluster.', 'start': 565.228, 'duration': 10.384}, {'end': 579.674, 'text': 'It generates report and alerts for the desired search.', 'start': 576.253, 'duration': 3.421}, {'end': 587.938, 'text': 'It provides enhanced GUIs that are the graphical user interfaces and real-time visibility in dashboard in various formats.', 'start': 580.234, 'duration': 7.704}], 'summary': 'Splunk offers real-time log analysis, reporting, and alerts for big service clusters, providing enhanced guis and dashboard visibility.', 'duration': 32.298, 'max_score': 555.64, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE555640.jpg'}, {'end': 736.794, 'src': 'embed', 'start': 692.939, 'weight': 0, 'content': [{'end': 699.201, 'text': 'Splunk lets you search, alert, report and monitor all your logs from one location in real time.', 'start': 692.939, 'duration': 6.262}, {'end': 702.001, 'text': 'Splunk indexes all your IT data,', 'start': 699.741, 'duration': 2.26}, {'end': 711.104, 'text': 'including custom application logs and multi-line logs across virtual and non-virtual environments without the need for custom parsers or connectors.', 'start': 702.001, 'duration': 9.103}, {'end': 720.106, 'text': 'You can troubleshoot application outages, investigate security incidents and demonstrate 
compliance in minutes not hours or days.', 'start': 711.684, 'duration': 8.422}, {'end': 725.368, 'text': "Now, let's just have a look on the steps of Splunk log analysis and monitoring.", 'start': 720.746, 'duration': 4.622}, {'end': 734.133, 'text': 'So it starts with installing Splunk server, then setting up index to store data, then creating a listener to receive data,', 'start': 726.009, 'duration': 8.124}, {'end': 736.794, 'text': 'then installing Splunk universal forwarder,', 'start': 734.133, 'duration': 2.661}], 'summary': 'Splunk enables real-time log analysis and monitoring, offering quick troubleshooting and compliance demonstration, with a streamlined process involving server installation, index setup, listener creation, and forwarder installation.', 'duration': 43.855, 'max_score': 692.939, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE692939.jpg'}, {'end': 777.711, 'src': 'embed', 'start': 753.781, 'weight': 5, 'content': [{'end': 762.984, 'text': 'So log analysis serves several different purposes like to comply with internal security policies and outside regulations and audits.', 'start': 753.781, 'duration': 9.203}, {'end': 767.685, 'text': 'to understand and respond to data breaches and other security incidents.', 'start': 762.984, 'duration': 4.701}, {'end': 770.546, 'text': 'to troubleshoot systems, computers or networks.', 'start': 767.685, 'duration': 2.861}, {'end': 777.711, 'text': 'to understand the behaviors of your users and to conduct forensics in the event of an investigation.', 'start': 771.186, 'duration': 6.525}], 'summary': 'Log analysis serves to comply with security policies, troubleshoot systems, and conduct forensics.', 'duration': 23.93, 'max_score': 753.781, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE753781.jpg'}, {'end': 869.164, 'src': 'embed', 'start': 845.556, 'weight': 6, 'content': [{'end': 852.457, 
'text': 'we can use a Splunk Universal or Heavy Forwarder to collect the data and forward it to our Splunk Cloud deployment.', 'start': 845.556, 'duration': 6.901}, {'end': 859.878, 'text': 'As a best practice, we can use the Splunk add-on for Windows to simplify the process of getting data into Splunk Cloud.', 'start': 852.877, 'duration': 7.001}, {'end': 869.164, 'text': 'Now, here comes the question that why to monitor event logs? So Windows event logs are the core metric of Windows machine operations.', 'start': 860.338, 'duration': 8.826}], 'summary': 'Utilize splunk forwarder to collect & forward data to splunk cloud, leveraging splunk add-on for windows to simplify data acquisition. monitoring windows event logs is essential for assessing machine operations.', 'duration': 23.608, 'max_score': 845.556, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE845556.jpg'}], 'start': 472.765, 'title': 'Splunk: log analysis & monitoring tool', 'summary': 'Introduces splunk, a software for processing insights from machine and big data, outlining its features, categories, usage, and reasons for use. 
it also explains how splunk enterprise indexes and monitors various data types, provides real-time search, alerting, reporting, and monitoring capabilities, and covers steps of log analysis, use cases, and monitoring windows event logs with splunk cloud.', 'chapters': [{'end': 621.582, 'start': 472.765, 'title': 'Splunk: log analysis & monitoring tool', 'summary': 'Introduces splunk, a software that processes and brings out insights from machine data and big data, and outlines its features, including its three categories, usage, and reasons for use.', 'duration': 148.817, 'highlights': ['Splunk is a software that processes and brings out insights from machine data and other forms of big data, and it automatically puts data from various sources and accepts data in any format.', 'Splunk offers three categories: Splunk Enterprise for large IT infrastructure and IT-driven businesses, Splunk Cloud for cloud-hosted platform, and Splunk Lite for real-time log data search, report, and alert.', 'Reasons for using Splunk for log analysis and monitoring include analyzing logs from a big service cluster, providing enhanced GUIs and real-time visibility in dashboards, monitoring AWS infrastructure, and finding real-time logs and providing quick results to troubleshoot and resolve issues.']}, {'end': 928.114, 'start': 622.122, 'title': 'Splunk log analysis', 'summary': 'Explains how splunk enterprise indexes and monitors various types of data, including live application logs, and provides real-time search, alerting, reporting, and monitoring capabilities, ultimately helping in troubleshooting, investigating security incidents, and demonstrating compliance. 
it also covers the steps of splunk log analysis and monitoring, use cases for log analysis, and the process of monitoring windows event logs with splunk cloud.', 'duration': 305.992, 'highlights': ["Splunk Enterprise indexes all IT data, including custom application logs and multi-line logs across virtual and non-virtual environments without custom parsers or connectors, facilitating real-time search, alerting, reporting, and monitoring. Splunk Enterprise's capability to index various types of IT data, including live application logs, without the need for custom parsers or connectors, enables real-time search, alerting, reporting, and monitoring, ultimately contributing to troubleshooting, investigating security incidents, and demonstrating compliance.", 'The chapter outlines the steps of Splunk log analysis and monitoring, including installing Splunk server, setting up index to store data, creating a listener to receive data, installing Splunk universal forwarder, setting up forward server and monitor, searching and viewing reports, and collecting metrics. The detailed steps of Splunk log analysis and monitoring, from installing the server to collecting metrics, are outlined, showcasing the comprehensive process involved in utilizing Splunk for log analysis and monitoring.', 'The chapter discusses use cases for log analysis, such as complying with internal security policies and regulations, troubleshooting systems, understanding user behavior, and conducting forensics, underscoring the diverse purposes log analysis serves and its significance in saving time for problem diagnosis and infrastructure management. 
The various use cases for log analysis, including compliance, troubleshooting, understanding user behavior, and forensics, are highlighted, emphasizing the importance of log analysis in meeting security policies and regulations, troubleshooting, and saving time for problem diagnosis and infrastructure management.', 'The process of monitoring Windows event logs with Splunk Cloud is explained, emphasizing the use of a Splunk Universal or Heavy Forwarder and the Splunk add-on for Windows to simplify the data collection process. The detailed process of monitoring Windows event logs with Splunk Cloud, utilizing Splunk Universal or Heavy Forwarder and the Splunk add-on for Windows to simplify data collection, is outlined, providing insights into the best practices for monitoring Windows event logs.']}], 'duration': 455.349, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE472765.jpg', 'highlights': ['Splunk processes insights from machine and big data, accepting data in any format.', 'Splunk offers three categories: Splunk Enterprise, Splunk Cloud, and Splunk Lite.', 'Reasons for using Splunk include log analysis, monitoring AWS infrastructure, and providing real-time logs for troubleshooting.', 'Splunk Enterprise indexes all IT data without custom parsers, enabling real-time search and monitoring.', 'The chapter outlines the steps of Splunk log analysis and monitoring, showcasing the comprehensive process involved.', 'Use cases for log analysis include complying with security policies, troubleshooting systems, and conducting forensics.', 'The process of monitoring Windows event logs with Splunk Cloud is explained, emphasizing best practices for data collection.']}, {'end': 2031.48, 'segs': [{'end': 955.827, 'src': 'embed', 'start': 928.114, 'weight': 2, 'content': [{'end': 932.836, 'text': 'and then you will have to check this thing to agree with the terms and conditions of Splunk,', 'start': 928.114, 'duration': 
4.722}, {'end': 940.84, 'text': 'and also you have to check this one where you have to agree to the privacy policies of Splunk those you can go through once if you want,', 'start': 932.836, 'duration': 8.004}, {'end': 944.701, 'text': 'and then you can just click on, create your account and your account will be created.', 'start': 940.84, 'duration': 3.861}, {'end': 950.264, 'text': 'then you can log in to your account from here or some here, and then you can install it.', 'start': 944.701, 'duration': 5.563}, {'end': 952.245, 'text': 'you can download Splunk Enterprise.', 'start': 950.264, 'duration': 1.981}, {'end': 955.827, 'text': "Okay, so I already have an account because I've already registered for it.", 'start': 952.265, 'duration': 3.562}], 'summary': 'Agree to terms, create account, download splunk enterprise.', 'duration': 27.713, 'max_score': 928.114, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE928114.jpg'}, {'end': 989.023, 'src': 'embed', 'start': 966.093, 'weight': 1, 'content': [{'end': 974.127, 'text': "Now. 
once I'll get logged in, then I'll an option to download the Splunk Enterprise Now here.", 'start': 966.093, 'duration': 8.034}, {'end': 977.931, 'text': 'as you can see, multiple options, like multiple versions, will be present.', 'start': 974.127, 'duration': 3.804}, {'end': 980.133, 'text': 'So for now, you can see for Windows.', 'start': 978.271, 'duration': 1.862}, {'end': 984.258, 'text': 'We have this Windows 10 Windows Server 2016 and 2019.', 'start': 980.173, 'duration': 4.085}, {'end': 986.861, 'text': 'So MSI file will be available for Linux.', 'start': 984.258, 'duration': 2.603}, {'end': 989.023, 'text': 'We have the other ones for Mac OS.', 'start': 986.921, 'duration': 2.102}], 'summary': 'Splunk enterprise offers multiple versions for windows, linux, and mac os.', 'duration': 22.93, 'max_score': 966.093, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE966093.jpg'}, {'end': 1030.415, 'src': 'embed', 'start': 1007.509, 'weight': 6, 'content': [{'end': 1015.111, 'text': 'It will get downloaded and one more thing like you are downloading Splunk Enterprise 8.2.0 for Windows.', 'start': 1007.509, 'duration': 7.602}, {'end': 1022.013, 'text': 'Okay, so this is the version 8.2 point and there are multiple past versions available according to your Windows,', 'start': 1015.211, 'duration': 6.802}, {'end': 1026.194, 'text': 'like it is for Windows 10 if you are using Windows 8, Windows 7, Windows 8.1..', 'start': 1022.013, 'duration': 4.181}, {'end': 1030.415, 'text': 'So accordingly you can download the past versions that will be present.', 'start': 1026.194, 'duration': 4.221}], 'summary': 'Download splunk enterprise 8.2.0 for windows, with multiple past versions available for different windows versions.', 'duration': 22.906, 'max_score': 1007.509, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE1007509.jpg'}, {'end': 1130.133, 'src': 'embed', 
'start': 1100.549, 'weight': 0, 'content': [{'end': 1102.731, 'text': 'so it is like a normal software installation.', 'start': 1100.549, 'duration': 2.182}, {'end': 1106.394, 'text': 'Now, here you can see this is the installer.', 'start': 1103.371, 'duration': 3.023}, {'end': 1113.74, 'text': 'Splunk Enterprise installer will check this box to accept the license agreement and we can just view the license agreement also, if you want,', 'start': 1106.394, 'duration': 7.346}, {'end': 1116.702, 'text': 'and you can see the default installation options over here.', 'start': 1113.74, 'duration': 2.962}, {'end': 1123.447, 'text': "like this, Enterprise will be installed under our C drive, under the program files and under Splunk's folder,", 'start': 1116.702, 'duration': 6.745}, {'end': 1130.133, 'text': 'and then we will run Splunk Enterprise as local system account and start menu shortcut will also be created with this.', 'start': 1123.447, 'duration': 6.686}], 'summary': 'Splunk enterprise installed on c drive under program files, started as local system account, with start menu shortcut.', 'duration': 29.584, 'max_score': 1100.549, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE1100549.jpg'}, {'end': 1214.879, 'src': 'embed', 'start': 1164.928, 'weight': 3, 'content': [{'end': 1168.551, 'text': 'I wanted so I kept it as check now I click on install.', 'start': 1164.928, 'duration': 3.623}, {'end': 1172.735, 'text': 'So it will take some time like installing other softwares.', 'start': 1169.392, 'duration': 3.343}, {'end': 1177.258, 'text': 'Also, it is the easiest tool to install like any other normal software.', 'start': 1172.855, 'duration': 4.403}, {'end': 1179.08, 'text': 'Let me just give the password.', 'start': 1177.278, 'duration': 1.802}, {'end': 1188.217, 'text': 'And meanwhile, let me tell you that Splunk is the tool which has been used by 91 out of hundred Fortune organizations.', 'start': 
1180.871, 'duration': 7.346}, {'end': 1196.004, 'text': 'And as we know, Splunk Enterprise, Splunk Cloud and Splunk Light are available. For Splunk Enterprise', 'start': 1189.058, 'duration': 6.946}, {'end': 1199.126, 'text': 'there is a 60-day free trial; for Splunk Cloud', 'start': 1196.284, 'duration': 2.842}, {'end': 1202.509, 'text': 'we have a 14-day free trial; and for Splunk Light', 'start': 1199.166, 'duration': 3.343}, {'end': 1204.791, 'text': 'also, we have some 60-day free trial.', 'start': 1202.629, 'duration': 2.162}, {'end': 1209.415, 'text': 'So Splunk Enterprise will be run on our local machine, and Splunk Cloud', 'start': 1205.211, 'duration': 4.204}, {'end': 1212.757, 'text': 'we can just access on the web as a cloud service.', 'start': 1209.455, 'duration': 3.302}, {'end': 1214.879, 'text': 'Now it is copying the new files.', 'start': 1213.318, 'duration': 1.561}], 'summary': 'Splunk is used by 91 of the Fortune 100 organizations; Splunk Enterprise and Splunk Light offer 60-day free trials and Splunk Cloud a 14-day free trial.', 'duration': 49.951, 'max_score': 1164.928, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE1164928.jpg'}, {'end': 1331.438, 'src': 'embed', 'start': 1304.625, 'weight': 4, 'content': [{'end': 1311.609, 'text': 'their users can go to find apps and add-ons for Splunk which can improve the functionality and usefulness of Splunk,', 'start': 1304.625, 'duration': 6.984}, {'end': 1316.753, 'text': 'as well as provide a quick and easy interface for specific use cases or vendor products.', 'start': 1311.609, 'duration': 5.144}, {'end': 1327.335, 'text': 'So as of 2019, there were more than 2,000 apps available on the framework, and integrations on Splunkbase include the Splunk App for New Relic,', 'start': 1317.426, 'duration': 9.909}, {'end': 1331.438, 'text': 'the Forescout Extended Module for Splunk and the Splunk App for AWS.', 'start': 1327.335, 'duration': 4.103}], 'summary': 'In 2019, Splunkbase 
had over 2,000 apps and integrations, including the splunk app for new relic, forscout extended module, and splunk app for aws.', 'duration': 26.813, 'max_score': 1304.625, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE1304625.jpg'}, {'end': 1509.958, 'src': 'heatmap', 'start': 1438.804, 'weight': 1, 'content': [{'end': 1439.825, 'text': 'So let me start.', 'start': 1438.804, 'duration': 1.021}, {'end': 1447.449, 'text': 'So before starting with searching and reporting we need the data and here we are going to analyze and monitor our Windows logs.', 'start': 1440.245, 'duration': 7.204}, {'end': 1450.35, 'text': 'So we have to give it as a data input.', 'start': 1447.929, 'duration': 2.421}, {'end': 1456.093, 'text': "So we'll go to this settings tab and then in this data part, we will go to data inputs.", 'start': 1450.75, 'duration': 5.343}, {'end': 1461.936, 'text': 'So here we will specify from where we want to take the data that is going to be our Windows log data.', 'start': 1456.733, 'duration': 5.203}, {'end': 1464.297, 'text': 'that we will choose and show you that.', 'start': 1462.396, 'duration': 1.901}, {'end': 1469.14, 'text': 'so let it get loaded and then we will specify the details which it will ask.', 'start': 1464.297, 'duration': 4.843}, {'end': 1472.382, 'text': "it's taking a little time to load in.", 'start': 1469.14, 'duration': 3.242}, {'end': 1473.803, 'text': 'yeah, here it comes.', 'start': 1472.382, 'duration': 1.421}, {'end': 1478.366, 'text': "so here you can see the local inputs and here you can see it's written.", 'start': 1473.803, 'duration': 4.563}, {'end': 1484.33, 'text': 'like we can set up the data inputs from files and directories, network ports, all these things which are available over here.', 'start': 1478.366, 'duration': 5.964}, {'end': 1488.693, 'text': 'and if you want to set up forwarding and receiving between two Splunk instances,', 'start': 1484.33, 
'duration': 4.363}, {'end': 1493.495, 'text': 'we can go for forwarding and receiving and I will show you how to use that forwarding and receiving.', 'start': 1488.693, 'duration': 4.802}, {'end': 1497.035, 'text': "but for the local machine, because I'll be working with the local machine,", 'start': 1493.495, 'duration': 3.54}, {'end': 1505.777, 'text': "the data will be coming from my local machine itself and I'll be using it in a single Splunk instance which was mine instance.", 'start': 1497.035, 'duration': 8.742}, {'end': 1509.958, 'text': "So we'll click on local event log collection.", 'start': 1506.697, 'duration': 3.261}], 'summary': 'Analyzing and monitoring windows logs for data input in splunk, specifying local event log collection.', 'duration': 71.154, 'max_score': 1438.804, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE1438804.jpg'}, {'end': 1612.687, 'src': 'heatmap', 'start': 1542.506, 'weight': 0.826, 'content': [{'end': 1544.687, 'text': "Then we'll go with this local event collection.", 'start': 1542.506, 'duration': 2.181}, {'end': 1547.148, 'text': 'So, starting with files and directories,', 'start': 1545.327, 'duration': 1.821}, {'end': 1554.45, 'text': 'will click on it and then we can index any of the local files and we can monitor the entire file or the directory part.', 'start': 1547.148, 'duration': 7.302}, {'end': 1556.431, 'text': "So we'll create a new file.", 'start': 1554.85, 'duration': 1.581}, {'end': 1563.053, 'text': 'So here you can see multiple files and multiple data sources are available.', 'start': 1557.111, 'duration': 5.942}, {'end': 1571.756, 'text': 'So we will click on new local file and directory so that we can define the source type also and we want the Windows logs data.', 'start': 1563.613, 'duration': 8.143}, {'end': 1574.477, 'text': 'So we will be creating a new file of the directory.', 'start': 1571.776, 'duration': 2.701}, {'end': 1579.779, 'text': 
'So it is getting loaded and then we will have to specify our details.', 'start': 1575.558, 'duration': 4.221}, {'end': 1581.5, 'text': 'Now here it comes.', 'start': 1580.479, 'duration': 1.021}, {'end': 1584.241, 'text': 'So we have selected files and directories.', 'start': 1582.58, 'duration': 1.661}, {'end': 1588.866, 'text': 'now we can browse what files we have to browse.', 'start': 1585.043, 'duration': 3.823}, {'end': 1593.13, 'text': 'so in c drive let me go with the program files.', 'start': 1588.866, 'duration': 4.264}, {'end': 1594.511, 'text': 'we want windows.', 'start': 1593.13, 'duration': 1.381}, {'end': 1600.316, 'text': "so we'll go to windows and then here we can select any of the things, what we want to monitor.", 'start': 1594.511, 'duration': 5.805}, {'end': 1602.158, 'text': "so let's just look at this.", 'start': 1600.316, 'duration': 1.842}, {'end': 1603.96, 'text': "maybe we'll go for logs.", 'start': 1602.158, 'duration': 1.802}, {'end': 1609.224, 'text': 'now, here it comes multiple logs, like logs for multiple processes and all.', 'start': 1603.96, 'duration': 5.264}, {'end': 1612.687, 'text': 'so we will go for system restore.', 'start': 1609.224, 'duration': 3.463}], 'summary': 'Configuring local event collection for windows logs data, monitoring specific files and directories, and selecting system restore logs.', 'duration': 70.181, 'max_score': 1542.506, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE1542506.jpg'}, {'end': 1793.668, 'src': 'embed', 'start': 1770.068, 'weight': 7, 'content': [{'end': 1776.872, 'text': 'We have given search and host is this and the indexes we have created new one that is demo 1 now we click on submit.', 'start': 1770.068, 'duration': 6.804}, {'end': 1779.294, 'text': 'So file input has been created successfully.', 'start': 1777.232, 'duration': 2.062}, {'end': 1783.317, 'text': 'Now we can start searching we can extract the fields.', 'start': 
1780.174, 'duration': 3.143}, {'end': 1784.579, 'text': 'We can add more data.', 'start': 1783.357, 'duration': 1.222}, {'end': 1786.541, 'text': 'We can download multiple applications.', 'start': 1784.619, 'duration': 1.922}, {'end': 1788.362, 'text': 'We can build dashboards as well.', 'start': 1786.581, 'duration': 1.781}, {'end': 1793.668, 'text': 'And now here you can see the examples and tutorials learn more about fields.', 'start': 1789.003, 'duration': 4.665}], 'summary': "Created new index 'demo 1', successfully built file input, and can download multiple applications.", 'duration': 23.6, 'max_score': 1770.068, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE1770068.jpg'}, {'end': 1841.14, 'src': 'embed', 'start': 1815.861, 'weight': 8, 'content': [{'end': 1822.364, 'text': 'Although we are going to work with our local machine, but still so in this forwarding and receiving we just will.', 'start': 1815.861, 'duration': 6.503}, {'end': 1827.228, 'text': 'Clicked settings and from there we have clicked on forwarding at receiving.', 'start': 1822.904, 'duration': 4.324}, {'end': 1832.372, 'text': 'So let it get loaded and then we will specify the receiver and the forwarder.', 'start': 1827.708, 'duration': 4.664}, {'end': 1834.834, 'text': 'So basically we are going to work on the local machine.', 'start': 1832.953, 'duration': 1.881}, {'end': 1837.256, 'text': 'We will specify for our local host.', 'start': 1834.854, 'duration': 2.402}, {'end': 1841.14, 'text': 'So these are forwarding defaults will configure the forwarding part.', 'start': 1837.777, 'duration': 3.363}], 'summary': 'Configuring forwarding and receiving on the local machine.', 'duration': 25.279, 'max_score': 1815.861, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE1815861.jpg'}, {'end': 2034.181, 'src': 'embed', 'start': 2010.39, 'weight': 9, 'content': [{'end': 2017.553, 
'text': 'So I encountered the following error while trying to save: "Failed to create, because configuration for port 9997 already exists."', 'start': 2010.39, 'duration': 7.163}, {'end': 2023.036, 'text': "So we'll just go back and we'll click on receive data and then we will see if that is present.", 'start': 2018.093, 'duration': 4.943}, {'end': 2024.536, 'text': "So it didn't get deleted.", 'start': 2023.556, 'duration': 0.98}, {'end': 2026.157, 'text': "That's why it is already present.", 'start': 2024.656, 'duration': 1.501}, {'end': 2031.48, 'text': 'So now you know how to set up the receiver or the listener and how to set up the forwarder.', 'start': 2026.637, 'duration': 4.843}, {'end': 2032.96, 'text': "Now we'll move ahead.", 'start': 2031.98, 'duration': 0.98}, {'end': 2034.181, 'text': "We'll go to the home page.", 'start': 2033.08, 'duration': 1.101}], 'summary': 'Encountered an error creating the receiver configuration for port 9997 because the earlier configuration was not deleted; receiver and forwarder setup explained, moving to home page.', 'duration': 23.791, 'max_score': 2010.39, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE2010390.jpg'}], 'start': 928.114, 'title': 'Splunk Enterprise installation, setup, and configuration', 'summary': 'Provides a detailed guide on installing Splunk Enterprise, including creating an account, downloading the software, and installing version 8.2.0 for Windows. 
It also covers system compatibility, setup, configuration, and troubleshooting, highlighting the wide range of products and apps offered by Splunk and its popularity in Fortune 100 organizations.', 'chapters': [{'end': 1007.369, 'start': 928.114, 'title': 'Splunk Enterprise installation process', 'summary': 'Outlines the process of creating a Splunk account, logging in, and downloading the Splunk Enterprise software for installation, including options for different operating systems and versions.', 'duration': 79.255, 'highlights': ['The process involves agreeing to the terms and conditions and privacy policies of Splunk before creating an account.', 'After logging in, users can choose from multiple versions of Splunk Enterprise for different operating systems, such as Windows, Linux, and Mac OS.', 'The user specifies downloading the Windows 64-bit version of Splunk Enterprise, which will be available in the downloads folder for installation.']}, {'end': 1685.572, 'start': 1007.509, 'title': 'Splunk Enterprise 8.2.0 installation process', 'summary': 'Details the process of downloading and installing Splunk Enterprise 8.2.0 for Windows, including the availability of past versions, system compatibility, the ease of installation, and the wide range of products and apps offered by Splunk. It also highlights the availability of free trials, the popularity of Splunk in Fortune 100 organizations, and the features and functionalities of Splunk Enterprise.', 'duration': 678.063, 'highlights': ['Splunk is used by 91 of the Fortune 100 organizations.', 'Splunk Enterprise and Splunk Light each offer a 60-day free trial, and Splunk Cloud offers a 14-day free trial.', 'There are more than 2,000 apps available on Splunkbase, including integrations such as the Splunk App for New Relic and the Splunk App for AWS. 
The extensive range of apps and integrations available on Splunk base, with more than 2,000 apps, including notable ones like Splunk app for New Relic and Splunk app for AWS.', 'Splunk Enterprise offers features such as Splunk Dashboards, Splunk Enterprise Security, and the Search app. The features available in Splunk Enterprise, including Splunk Dashboards, Splunk Enterprise Security, and the Search app.', 'The installation process for Splunk Enterprise is highlighted as easy and similar to installing any other software. Emphasizing the ease of installation for Splunk Enterprise, likening it to a typical software installation process.']}, {'end': 2031.48, 'start': 1686.352, 'title': 'Splunk enterprise setup and configuration', 'summary': 'Covers the setup and configuration of splunk enterprise, including creating file inputs, configuring forwarding and receiving, and troubleshooting errors in setting up receivers and forwarders.', 'duration': 345.128, 'highlights': ['Creating file inputs for searching and reporting The user demonstrates the process of creating file inputs for searching and reporting, including setting input type as file monitor, specifying source path, and defining source type as Windows restore app context.', 'Configuring forwarding and receiving The user explains the process of configuring forwarding and receiving, including defining hosts and ports, setting up forwarding defaults, and troubleshooting errors in setting up the receiver.', 'Troubleshooting errors in setting up receivers and forwarders The user encounters errors while setting up receivers and forwarders, such as failing to delete existing configurations and receiving error messages when attempting to save new configurations.']}], 'duration': 1103.366, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE928114.jpg', 'highlights': ['The installation process for Splunk Enterprise is highlighted as easy and similar to installing any 
other software.', 'After logging in, users can choose from multiple versions of Splunk Enterprise for different operating systems, such as Windows, Linux, and Mac OS.', 'The process involves agreeing to the terms and conditions and privacy policies of Splunk before creating an account.', 'Splunk Enterprise and Splunk Light each offer a 60-day free trial, and Splunk Cloud offers a 14-day free trial.', 'There are more than 2,000 apps available on Splunkbase, including integrations such as the Splunk App for New Relic and the Splunk App for AWS.', 'Splunk is used by 91 of the Fortune 100 organizations.', 'The user specifies downloading the Windows 64-bit version of Splunk Enterprise, which will be available in the downloads folder for installation.', 'Creating file inputs for searching and reporting.', 'Configuring forwarding and receiving.', 'Troubleshooting errors in setting up receivers and forwarders.']}, {'end': 2782.241, 'segs': [{'end': 2112.137, 'src': 'embed', 'start': 2086.195, 'weight': 2, 'content': [{'end': 2090.819, 'text': 'Here, whatever indexes are already there and the indexes which we have created will be present.', 'start': 2086.195, 'duration': 4.624}, {'end': 2094.101, 'text': "These are basically Splunk's own indexes.", 'start': 2091.299, 'duration': 2.802}, {'end': 2099.907, 'text': 'Now for our index, that is demo 1 actually.', 'start': 2094.641, 'duration': 5.266}, {'end': 2104.05, 'text': "Yeah, okay, event count is 0, so it didn't get any event till now.", 'start': 2099.947, 'duration': 4.103}, {'end': 2112.137, 'text': 'So I have one more index which already has some events, that is the sample index, which I had created earlier.', 'start': 2104.07, 'duration': 8.067}], 'summary': 'There are two user-created Splunk indexes: demo 1 has 0 events, while the sample index has existing events.', 'duration': 25.942, 'max_score': 2086.195, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE2086195.jpg'}, {'end': 2165.838, 
'src': 'embed', 'start': 2137.391, 'weight': 1, 'content': [{'end': 2139.052, 'text': 'So the index name is audit.', 'start': 2137.391, 'duration': 1.661}, {'end': 2140.854, 'text': 'So it will be related to some audit.', 'start': 2139.112, 'duration': 1.742}, {'end': 2144.889, 'text': "Now let's just go to our search.", 'start': 2141.881, 'duration': 3.008}, {'end': 2148.077, 'text': 'Here we go to Search and Reporting.', 'start': 2144.889, 'duration': 3.188}, {'end': 2153.973, 'text': "So we'll see for our index main; I will just click on search.", 'start': 2148.077, 'duration': 5.896}, {'end': 2157.815, 'text': 'Here you can see 313 events have happened.', 'start': 2153.973, 'duration': 3.842}, {'end': 2162.957, 'text': 'Now you can see here how many events have happened at what time now.', 'start': 2157.815, 'duration': 5.142}, {'end': 2164.498, 'text': 'time now.', 'start': 2162.957, 'duration': 1.541}, {'end': 2165.838, 'text': 'Here you can see the details.', 'start': 2164.498, 'duration': 1.34}], 'summary': 'The search over the main index returns 313 events, with details available for review.', 'duration': 28.447, 'max_score': 2137.391, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE2137391.jpg'}, {'end': 2282.965, 'src': 'embed', 'start': 2254.955, 'weight': 3, 'content': [{'end': 2258.856, 'text': 'So my search is not generating any statistic or visualization result.', 'start': 2254.955, 'duration': 3.901}, {'end': 2263.537, 'text': 'So what we will do is maybe we will define some more filters.', 'start': 2259.256, 'duration': 4.281}, {'end': 2270.999, 'text': 'So as you can see, with the help of pipes and these things we can create our search query; that is known as SPL.', 'start': 2263.817, 'duration': 7.182}, {'end': 2276.581, 'text': "So let me give this; we'll see the fields which were already there.", 'start': 2271.88, 'duration': 4.701}, {'end': 2279.503, 'text': "we'll check in the fields.", 'start': 
2277.762, 'duration': 1.741}, {'end': 2282.965, 'text': 'yeah, so we have something called as type and we have source type.', 'start': 2279.503, 'duration': 3.462}], 'summary': 'Search query not generating statistics or visualizations, considering adding more filters and utilizing spl.', 'duration': 28.01, 'max_score': 2254.955, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE2254955.jpg'}, {'end': 2387.622, 'src': 'embed', 'start': 2361.286, 'weight': 4, 'content': [{'end': 2366.408, 'text': 'This is the count of our stats, or the locks now will click on visualization.', 'start': 2361.286, 'duration': 5.122}, {'end': 2372.211, 'text': 'So this is how we can visualize it in different types, like this is the column chart.', 'start': 2367.108, 'duration': 5.103}, {'end': 2374.073, 'text': 'We can make use of line chart.', 'start': 2372.532, 'duration': 1.541}, {'end': 2378.596, 'text': 'We can make use of scatter chart or we can make use of bubble chart.', 'start': 2374.213, 'duration': 4.383}, {'end': 2381.678, 'text': "So let's use pie chart.", 'start': 2379.436, 'duration': 2.242}, {'end': 2386.161, 'text': 'Now what we can do is we can save it as a report.', 'start': 2382.118, 'duration': 4.043}, {'end': 2387.622, 'text': 'We can create alert also.', 'start': 2386.241, 'duration': 1.381}], 'summary': 'Visualize stats using various chart types, save as report, and create alert.', 'duration': 26.336, 'max_score': 2361.286, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE2361286.jpg'}, {'end': 2463.723, 'src': 'embed', 'start': 2434.68, 'weight': 5, 'content': [{'end': 2437.523, 'text': 'Now we can view the dashboard now here it comes.', 'start': 2434.68, 'duration': 2.843}, {'end': 2441.086, 'text': 'So this panel has been added to this dashboard.', 'start': 2438.584, 'duration': 2.502}, {'end': 2442.948, 'text': 'We can edit it also.', 'start': 
2441.727, 'duration': 1.221}, {'end': 2448.137, 'text': 'We can add panel we can add input and we can make a theme dark.', 'start': 2443.976, 'duration': 4.161}, {'end': 2453.619, 'text': 'So if you want to add some panel, let me just clone from some dashboard.', 'start': 2448.698, 'duration': 4.921}, {'end': 2456.06, 'text': 'So we have these dashboards available.', 'start': 2453.919, 'duration': 2.141}, {'end': 2461.502, 'text': 'So I have one more dashboard with sample one and in this we have sample panel one.', 'start': 2456.44, 'duration': 5.062}, {'end': 2463.723, 'text': 'So the data will come into this.', 'start': 2462.302, 'duration': 1.421}], 'summary': 'Dashboard panel added, editable, with option to add input and make theme dark.', 'duration': 29.043, 'max_score': 2434.68, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE2434680.jpg'}, {'end': 2594.307, 'src': 'embed', 'start': 2570.009, 'weight': 0, 'content': [{'end': 2578.576, 'text': 'so we can have PDF or any format as hard copy and you can use it for your reports and you can analyze the logs or the data.', 'start': 2570.009, 'duration': 8.567}, {'end': 2581.858, 'text': 'We are learning about log analysis and monitoring.', 'start': 2578.976, 'duration': 2.882}, {'end': 2589.084, 'text': "that monitoring thing is happening continuously by the Splunk itself and we'll get the alerts whenever any activity will be observed.", 'start': 2581.858, 'duration': 7.226}, {'end': 2594.307, 'text': 'and we can set some custom alerts as well and this is for analysis.', 'start': 2589.824, 'duration': 4.483}], 'summary': 'Learning about log analysis and monitoring with splunk, which provides continuous monitoring and custom alerts for analysis.', 'duration': 24.298, 'max_score': 2570.009, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE2570009.jpg'}, {'end': 2673.34, 'src': 'embed', 'start': 2641.112, 
'weight': 6, 'content': [{'end': 2644.413, 'text': 'We can save it as alert also to existing dashboard and new dashboard.', 'start': 2641.112, 'duration': 3.301}, {'end': 2647.335, 'text': 'We have seen what the dashboard just create a report.', 'start': 2644.433, 'duration': 2.902}, {'end': 2649.195, 'text': 'We will give some title to it.', 'start': 2647.635, 'duration': 1.56}, {'end': 2650.556, 'text': 'Maybe demo report.', 'start': 2649.335, 'duration': 1.221}, {'end': 2658.992, 'text': "bring in time range, because there, and we'll click on save, we can change the additional settings like permissions, schedule, acceleration,", 'start': 2651.468, 'duration': 7.524}, {'end': 2659.993, 'text': 'embed and all.', 'start': 2658.992, 'duration': 1.001}, {'end': 2663.435, 'text': "we'll just go with the basic ones and we'll click on view.", 'start': 2659.993, 'duration': 3.442}, {'end': 2664.575, 'text': 'here it is.', 'start': 2663.435, 'duration': 1.14}, {'end': 2667.717, 'text': 'this is the report available now.', 'start': 2664.575, 'duration': 3.142}, {'end': 2673.34, 'text': 'we can add this report also to the dashboard or we can edit this in the description.', 'start': 2667.717, 'duration': 5.623}], 'summary': 'Report can be saved to dashboard, with options for customization and sharing.', 'duration': 32.228, 'max_score': 2641.112, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE2641112.jpg'}], 'start': 2031.98, 'title': 'Splunk functionality and report creation', 'summary': 'Covers splunk search and reporting, including creating indexes, checking event counts, exploring event details, with 313 events found, and creating dashboards and reports with filters, visualizations, and panel creation for log analysis and monitoring.', 'chapters': [{'end': 2254.275, 'start': 2031.98, 'title': 'Splunk search and reporting', 'summary': "Covers a walkthrough of splunk search and reporting, including creating indexes, 
checking event counts, and exploring event details, with a total of 313 events found in the search for the 'main' index.", 'duration': 222.295, 'highlights': ["313 events found in the search for the 'main' index, detailing event timestamps, log names, event codes, and source types.", "Zero events found in the newly created 'demo 1' index, while the 'sample' index created earlier already contains events.", 'Explanation of defining time ranges for producing patterns, with a warning of poor patterns for less than 5000 events.', "Walkthrough of selecting and adding fields in the search results, including the addition of the 'category' field to the selected fields."]}, {'end': 2782.241, 'start': 2254.955, 'title': 'Creating dashboards and reports', 'summary': 'Discusses creating dashboards and reports in Splunk, including defining filters, visualizing search results, creating and adding panels to dashboards, and saving search results as reports for log analysis and monitoring.', 'duration': 527.286, 'highlights': ['Creating and visualizing search queries using SPL: the chapter explains the process of creating and visualizing search queries using SPL to retrieve specific data, such as using pipes to define filters and visualize search results in different formats.', 'Specifying and visualizing search results using different visualization types: the process of specifying and visualizing search results using different visualization types like column chart, line chart, scatter chart, bubble chart, and pie chart is demonstrated for effective data representation.', 'Creating and adding panels to dashboards, including panel themes and cloning panels: the chapter covers the creation and addition of panels to dashboards, including setting panel themes, cloning panels from existing dashboards, and adding panels from reports to dashboards.', 'Saving search results as reports and adding them to dashboards: the process of saving search results as reports, setting titles and time ranges, and 
adding them as panels to dashboards for log analysis and monitoring is explained, including exporting reports to PDF or print for further analysis.']}], 'duration': 750.261, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE2031980.jpg', 'highlights': ['Covers Splunk search and reporting, including creating indexes, checking event counts, exploring event details, with 313 events found, and creating dashboards and reports with filters, visualizations, and panel creation for log analysis and monitoring.', "313 events found in the search for the 'main' index, detailing event timestamps, log names, event codes, and source types.", "Zero events found in the newly created 'demo 1' index, while the 'sample' index created earlier already contains events.", 'Creating and visualizing search queries using SPL to retrieve specific data, such as using pipes to define filters and visualize search results in different formats.', 'Specifying and visualizing search results using different visualization types like column chart, line chart, scatter chart, bubble chart, and pie chart is demonstrated for effective data representation.', 'Creating and adding panels to dashboards, including panel themes and cloning panels from existing dashboards, and adding panels from reports to dashboards.', 'Saving search results as reports, setting titles and time ranges, and adding them as panels to dashboards for log analysis and monitoring is explained, including exporting reports to PDF or print for further analysis.']}, {'end': 3414.411, 'segs': [{'end': 2860.069, 'src': 'embed', 'start': 2830.731, 'weight': 0, 'content': [{'end': 2831.672, 'text': 'So when I click on it.', 'start': 2830.731, 'duration': 0.941}, {'end': 2833.473, 'text': 'So what are the root causes?', 'start': 2832.072, 'duration': 1.401}, {'end': 2841.418, 'text': 'Events from tracker.log have not been seen for the last 5250 seconds, which is more than the red threshold, that is, 210 
seconds.', 'start': 2833.473, 'duration': 7.945}, {'end': 2850.003, 'text': 'So this typically occurs when indexing or forwarding are falling behind or are blocked, and here is the tail reader.', 'start': 2841.898, 'duration': 8.105}, {'end': 2855.026, 'text': "So the monitor input cannot produce data because Splunk's processing queues are full.", 'start': 2850.403, 'duration': 4.623}, {'end': 2860.069, 'text': 'This will be caused by an inadequate indexing or forwarding rate or a sudden burst of incoming data.', 'start': 2855.026, 'duration': 5.043}], 'summary': 'Events from tracker.log not seen for 5250 seconds, exceeding the red threshold of 210 seconds, indicating that indexing or forwarding is falling behind or blocked in Splunk.', 'duration': 29.338, 'max_score': 2830.731, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE2830731.jpg'}, {'end': 3036.478, 'src': 'embed', 'start': 3009.594, 'weight': 2, 'content': [{'end': 3015.357, 'text': 'We can customize our alerts and we can analyze them with the help of dashboards and reports, etc.', 'start': 3009.594, 'duration': 5.763}, {'end': 3024.824, 'text': "And now let's see some of the dashboards which have already been created by Splunk for the analysis and monitoring thing.", 'start': 3016.437, 'duration': 8.387}, {'end': 3031.289, 'text': "So we will just go to any of the applications and then we'll go to dashboards or the reports.", 'start': 3024.824, 'duration': 6.465}, {'end': 3032.571, 'text': "So I'll click on the dashboards.", 'start': 3031.289, 'duration': 1.282}, {'end': 3036.478, 'text': 'Yeah, here, maybe integrity check of installed files.', 'start': 3033.755, 'duration': 2.723}], 'summary': 'Customize alerts, analyze with dashboards and reports. 
explore pre-created dashboards for analysis and monitoring.', 'duration': 26.884, 'max_score': 3009.594, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE3009594.jpg'}, {'end': 3212.266, 'src': 'embed', 'start': 3184.168, 'weight': 3, 'content': [{'end': 3186.849, 'text': 'So according to that we can monitor the logs.', 'start': 3184.168, 'duration': 2.681}, {'end': 3189.31, 'text': 'I hope this was clear to you all.', 'start': 3187.569, 'duration': 1.741}, {'end': 3197.334, 'text': 'you can just explore more and you can take most out of Splunk for your applications, websites or even Windows data,', 'start': 3189.31, 'duration': 8.024}, {'end': 3199.676, 'text': 'Linux data or whatever is required.', 'start': 3197.334, 'duration': 2.342}, {'end': 3204.52, 'text': 'And before ending this demo, let me show you for that local data also.', 'start': 3200.316, 'duration': 4.204}, {'end': 3206.641, 'text': "So we'll just go to data inputs.", 'start': 3205, 'duration': 1.641}, {'end': 3210.124, 'text': 'So we have seen for the files and directories for Windows.', 'start': 3207.262, 'duration': 2.862}, {'end': 3212.266, 'text': 'We have checked the logs for Windows.', 'start': 3210.184, 'duration': 2.082}], 'summary': 'Monitor logs using splunk for various data sources and explore its potential for applications and websites.', 'duration': 28.098, 'max_score': 3184.168, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE3184168.jpg'}], 'start': 2782.261, 'title': 'Splunk log analysis', 'summary': 'Covers setting up log analysis using splunk, including indexing data, configuring forwarders and receivers, creating reports and dashboards, and monitoring logs, with a focus on windows event logs, resulting in a total of 5 hosts and various source types recorded.', 'chapters': [{'end': 3087.026, 'start': 2782.261, 'title': 'Splunk dashboard analysis', 'summary': 'Covers 
the analysis of a splunk dashboard, highlighting the health indicators, serious issues, log analysis, alerts, and dashboard creation by splunk for monitoring, with emphasis on the root causes of ingestion latency and tail reader issues.', 'duration': 304.765, 'highlights': ['The red marker indicates severe issues, while green signifies proper functioning and yellow indicates problems, where the chapter provides insight into two serious issues, ingestion latency and tail reader.', "The root cause of ingestion latency is events from tracker.log not being seen for 5250 seconds, exceeding the red threshold of 210 seconds, while the tail reader issue is due to the monitor input being unable to produce data because Splunk's processing queues are full.", 'The transcript details the impact of default and changed thresholds on ingestion latency, as well as the potential causes for the tail reader issue, such as increased system processes and data influx from operations.', 'Additionally, the chapter discusses the creation of alerts for monitoring applications and websites, the analysis of dashboards and reports created by Splunk, and the ownership and sharing aspects of these dashboards and reports.']}, {'end': 3414.411, 'start': 3087.667, 'title': 'Splunk log analysis demo', 'summary': 'Covers a demonstration of setting up log analysis using splunk, including indexing data, configuring forwarders and receivers, creating reports and dashboards, and monitoring logs, with a focus on windows event logs, resulting in a total of 5 hosts and various source types recorded.', 'duration': 326.744, 'highlights': ['Setting up log analysis using Splunk, including indexing data, configuring forwarders and receivers, creating reports and dashboards, and monitoring logs, with a focus on Windows event logs, resulting in a total of 5 hosts and various source types recorded.', 'Demonstrating the process of setting up local event log collection and remote event log collection, selecting 
specific logs such as application and security, creating indexes, and successfully updating the localhost for log monitoring and analysis.', 'Explaining the potential applications of Splunk for log monitoring and analysis, with the ability to analyze logs from various sources such as applications, systems, and Windows event logs, and emphasizing the benefits of exploring more functionalities within Splunk for different data sources.']}], 'duration': 632.15, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/OBHtu285aqE/pics/OBHtu285aqE2782261.jpg', 'highlights': ['The root cause of ingestion latency is events from tracker.log not being seen for 5250 seconds, exceeding the red threshold of 210 seconds.', "The tail reader issue is due to the monitor input being unable to produce data because Splunk's processing queues are full.", 'The chapter discusses the creation of alerts for monitoring applications and websites, the analysis of dashboards and reports created by Splunk, and the ownership and sharing aspects of these dashboards and reports.', 'Setting up log analysis using Splunk, including indexing data, configuring forwarders and receivers, creating reports and dashboards, and monitoring logs, with a focus on Windows event logs, resulting in a total of 5 hosts and various source types recorded.', 'Explaining the potential applications of Splunk for log monitoring and analysis, with the ability to analyze logs from various sources such as applications, systems, and Windows event logs, and emphasizing the benefits of exploring more functionalities within Splunk for different data sources.']}], 'highlights': ['Covers splunk search and reporting, including creating indexes, checking event counts, exploring event details, with 313 events found, and creating dashboards and reports with filters, visualizations, and panel creation for log analysis and monitoring.', 'Setting up log analysis using Splunk, including indexing data, configuring 
forwarders and receivers, creating reports and dashboards, and monitoring logs, with a focus on Windows event logs, resulting in a total of 5 hosts and various source types recorded.', 'Log analysis provides visibility into the performance and health of IT infrastructure and application stacks.', 'Log analysis has endless applications, including sign-in/sign-out requests on a website, transactions on a currency exchange, calls to an informational API, and other industry-specific actions.', 'Splunk processes insights from machine and big data, accepting data in any format.', 'Splunk offers three categories: Splunk Enterprise, Splunk Cloud, and Splunk Lite.', 'The installation process for Splunk Enterprise is highlighted as easy and similar to installing any other software.', 'After logging in, users can choose from multiple versions of Splunk Enterprise for different operating systems, such as Windows, Linux, and Mac OS.', 'The process involves agreeing to the terms and conditions and privacy policies of Splunk before creating an account.', 'Splunk offers a 60-day free trial for Splunk Cloud and 14-day free trial for Splunk Light.', 'There are more than 2,000 apps available on Splunk base, including integrations such as the Splunk app for New Relic and Splunk app for AWS.', 'The root cause of ingestion latency is events from tracker.log not being seen for 5250 seconds, exceeding the red threshold of 210 seconds.', "The tail reader issue is due to the monitor input being unable to produce data because Splunk's processing queues are full."]}