It's hard to spot patterns when looking at text error logs. Quick visualizations give a way of instantly spotting patterns without generating a full dashboard.
- [Instructor] The vagrant box is set up…with a web server and a recurring script…that will simulate some web traffic every five minutes.…This will give us something to look at…when we create a dashboard.…You'll start at the search panel…and we'll put in 404 and source type,…equals access combined.…You can see it was one of the options that auto completed.…This will show us just 404,…that is file not found messages,…that have been piling up in the web server access log.…
So let's click search.…You may have noticed before that there's a little graph…at the top of the search results.…Go over to Format Timeline…and select Full to get a better view.…This is the most basic visualization…that you get with Splunk.…And it will only really show you event counts over time.…In order to get this into a friendlier visualization format,…we'll need to tell Splunk…what we actually want to visualize.…
Since this is just 404 errors,…an error count indexed against time should work.…To do that, I'll add the command timechart count,…
Author
Josh Samuelson
Released
10/12/2018- Installing Splunk
- Filtering search data
- Advanced search syntax
- Creating reports and dashboards
- Creating alerts and actions
- Configuring remote data and multiple data streams
Skill Level Beginner
Duration
Views
-
Introduction
-
Learn Splunk32s
-
The learning environment2m 8s
-
What is Splunk?1m 35s
-
Install Splunk Free edition4m 28s
-
-
1. Tour of Major Features
-
Home app2m 44s
-
Set up your Splunk user2m 9s
-
Search1m 31s
-
Reporting2m 15s
-
Add-ons3m 35s
-
-
2. Search
-
Simple filtering3m 7s
-
Time3m 50s
-
Complex filtering3m 50s
-
Advanced search syntax5m 49s
-
3. Reporting and Dashboards
-
Reporting overview2m 12s
-
Create a simple report2m 13s
-
Create a dashboard panel2m 23s
-
-
4. Alerting
-
Alerting concepts3m 35s
-
Create an alert3m 4s
-
Advanced alerting2m 59s
-
Solution: Advanced alerting4m 15s
-
-
5. Practical Splunk
-
Configure remote data2m 44s
-
Using multiple data streams4m 14s
-
Beyond logs4m 6s
-
Visualizing and alerts4m 32s
-
Conclusion
-
Next steps1m 57s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Visualize errors