From the course: Learning Splunk
Simple filtering - Splunk Tutorial
Simple filtering
- [Instructor] Splunk search can do a lot more than matching keywords. Let's try some simple filtering using some of Splunk's search syntax. So to get started, we'll click on Search & Reporting under Apps. And then here under Search, let's start just by putting an asterisk, and it will show us all of our log data that we have. I'm going to change it from last 24 hours to all time just 'cause I don't have that much data to show yet in the last 24 hours. So, the first thing we might do is narrow this down just to a specific host. In our case, we're only getting data from one host, but we can pretend that we have more than one. A couple of ways to do this. You can actually just click on the keyword down here and say Add to Search. And at this point we can remove the asterisk. The other option instead of clicking on it is that you can type it in. And if you say host equals, Splunk will try to autocomplete with what…