Chapter 5. Extending Intelligence – Data Models and Pivoting

In this chapter, we will introduce the Splunk data model and pivoting functionality. We will learn about:

  • Creating a data model for web access logs
  • Creating a data model for application logs
  • Accelerating data models
  • Pivoting total sales transactions
  • Pivoting purchases by geographical location
  • Pivoting slowest responding web pages
  • Pivot charting top error codes

Introduction

In many of the previous chapters, we leveraged Splunk's Search Processing Language (SPL) quite a bit in order to build searches, reports, and dashboards. In this chapter, we will learn how to leverage Splunk's data model and Pivot functionality and demonstrate how these can be leveraged by less technical users to easily build ...

Get Splunk Operational Intelligence Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.