1 00:00:02,130 --> 00:00:07,470 Now we are already committed to understanding Splunk and becoming the Splunk master. 2 00:00:07,500 --> 00:00:14,760 We will see how we can get help when we get stuck at any stage of Splunk learning or implementation 3 00:00:14,760 --> 00:00:16,370 or operations. 4 00:00:16,380 --> 00:00:20,770 The first option of help, as we saw earlier, was under Splunk. 5 00:00:20,830 --> 00:00:27,420 Dua We have seen this earlier, which lists all the resources necessary for learning or troubleshooting 6 00:00:27,420 --> 00:00:28,200 Splunk. 7 00:00:30,360 --> 00:00:35,210 The second and probably the best place is the Splunk answers. 8 00:00:35,220 --> 00:00:37,610 That is answers to Splunk dot com. 9 00:00:37,620 --> 00:00:46,110 We know that by now that it is kind of a Stack Overflow for Splunk related queries, which is highly 10 00:00:46,110 --> 00:00:53,490 active community where a lot of people contribute to exchange and share knowledge. 11 00:00:53,580 --> 00:00:57,270 And the third is the Splunk IRC channel. 12 00:00:57,540 --> 00:01:03,110 I'll just quickly show you how we can use Splunk IRC channel. 13 00:01:03,120 --> 00:01:05,130 It is basically on if net. 14 00:01:11,170 --> 00:01:13,120 Let me type in just a minute. 15 00:01:15,060 --> 00:01:22,680 This is an IFC channel where as to Splunk is your Splunk channel. 16 00:01:23,700 --> 00:01:25,710 Just give whatever the name you want. 17 00:01:27,400 --> 00:01:28,640 And Click Login. 18 00:01:28,660 --> 00:01:36,430 It will be connecting you to the Splunk channel where a lot of Splunk gurus and you'll get probably 19 00:01:36,430 --> 00:01:37,580 faster responses. 20 00:01:37,600 --> 00:01:43,270 It will be like a chatting application where you can raise any queries and you can type in something 21 00:01:43,270 --> 00:01:45,850 and send it and somebody will respond. 22 00:01:45,850 --> 00:01:48,510 Regarding the Splunk or what is the latest version? 23 00:01:48,520 --> 00:01:52,150 Any bugs they have found, what are the issues? 24 00:01:52,150 --> 00:01:56,200 Or how you can troubleshoot or how you can configure a few of the things? 25 00:01:56,230 --> 00:01:59,850 A lot of these people are highly active during the US business hours. 26 00:01:59,860 --> 00:02:05,770 The rest of the time it is kind of slow, but Splunk answers on the other side. 27 00:02:06,040 --> 00:02:10,660 You will get answers to your queries at any moment of that time. 28 00:02:13,600 --> 00:02:15,460 Let me log out of I.R.S.. 29 00:02:17,930 --> 00:02:19,850 And we'll go back to our slides. 30 00:02:20,950 --> 00:02:23,410 Now we have seen Splunk as Sea Channel. 31 00:02:23,440 --> 00:02:26,440 The next is the Splunk documentation. 32 00:02:28,350 --> 00:02:31,140 Which is the best and accurate place. 33 00:02:32,120 --> 00:02:35,030 For learning or troubleshooting about Splunk? 34 00:02:35,390 --> 00:02:40,910 Probably not for troubleshooting, for learning because the most of the documentation is open and available 35 00:02:40,910 --> 00:02:42,980 publicly for everyone. 36 00:02:43,010 --> 00:02:45,210 It is doc start splunk dot com. 37 00:02:45,230 --> 00:02:49,700 If you are looking for a Splunk Enterprise, it is doc store splunk dot com. 38 00:02:49,700 --> 00:02:50,840 Let me type it for you. 39 00:02:53,400 --> 00:02:56,670 Docs dot splunk dot com slash. 40 00:03:00,540 --> 00:03:04,190 Documentation will take you directly to your Splunk Enterprise. 41 00:03:04,200 --> 00:03:12,090 If you want to just click click on Splunk Enterprise, just type on Salon.com, you'll be taken to Splunk 42 00:03:12,090 --> 00:03:13,020 Enterprise. 43 00:03:13,200 --> 00:03:15,150 Click on this core product, Splunk Enterprise. 44 00:03:15,150 --> 00:03:20,610 You'll be taken to all the documentations which are related to Splunk Enterprise. 45 00:03:20,610 --> 00:03:21,360 You'll get. 46 00:03:23,590 --> 00:03:25,160 Accurate information. 47 00:03:25,180 --> 00:03:26,440 Most efficient. 48 00:03:27,450 --> 00:03:29,610 And it's totally free. 49 00:03:29,760 --> 00:03:35,970 You can download any manual, whichever you want in the form of PDF, or you can download by selecting 50 00:03:35,970 --> 00:03:39,360 specific topic and downloading the mass PDF. 51 00:03:39,570 --> 00:03:48,030 The most important one, which I keep handy every time, is search and reporting search reference manual 52 00:03:48,030 --> 00:03:50,580 because I can't remember 140 plus comment. 53 00:03:50,610 --> 00:03:58,830 I use this manual to quickly search for the syntax of the commands or which commands best fits my present 54 00:03:58,830 --> 00:03:59,600 requirement. 55 00:03:59,610 --> 00:04:07,530 The second one, which usually follows the admin manual with these two, will be my two tabs and my 56 00:04:07,530 --> 00:04:16,650 operations every day because you'll get this good menu called configuration file reference with example 57 00:04:16,650 --> 00:04:23,970 syntax that needs to be configured and a short description of what each configuration file is. 58 00:04:24,150 --> 00:04:30,120 You can find all this in your Splunk package, which your downloaded for installation, but I feel this. 59 00:04:30,860 --> 00:04:39,050 The example menu, which shows what it does and what information it contains, will be highly resourceful 60 00:04:39,050 --> 00:04:41,100 during the implementation or configuration. 61 00:04:41,120 --> 00:04:45,340 This is the admin menu and configuration file reference. 62 00:04:45,350 --> 00:04:53,510 The second one, which I use most commonly, is the search reference, which again as search commands. 63 00:04:54,020 --> 00:05:01,940 These are 140 plus commands since in the previous video we have seen like the top command or do I do 64 00:05:01,940 --> 00:05:05,090 if I want to know more about top, I search for top. 65 00:05:06,750 --> 00:05:07,980 Click on that command. 66 00:05:10,100 --> 00:05:13,010 And it will display me complete syntax. 67 00:05:14,740 --> 00:05:23,110 Small description and examples of that command, which is huge for learning Splunk. 68 00:05:23,140 --> 00:05:29,740 Troubleshooting Splunk, you can see any commands that are practically in this product. 69 00:05:30,860 --> 00:05:32,270 In domes for free. 70 00:05:33,080 --> 00:05:39,860 This documentation site is the most accurate and probably you should make the best use of these documentations. 71 00:05:41,380 --> 00:05:43,510 Let's go back to our slides. 72 00:05:43,960 --> 00:05:46,270 So the next one is the Splunk support. 73 00:05:46,270 --> 00:05:51,340 That is, of course, the paid support, which comes as part of your license in case if you are stuck 74 00:05:51,340 --> 00:05:56,320 and there is a business disruption or business impact that is happening, you're not able to resolve 75 00:05:56,320 --> 00:05:57,040 the issue. 76 00:05:57,430 --> 00:06:03,490 You can raise a call with Splunk by calling them or by emailing them or with your customer portal. 77 00:06:03,490 --> 00:06:11,250 You can log in incident response back to you on the best possible way, that is with the Splunk support. 78 00:06:11,260 --> 00:06:18,310 But my experience working on this product is 80% of the time you'll find answers from the documentation 79 00:06:18,310 --> 00:06:20,870 side or Splunk answers Dotcom. 80 00:06:20,890 --> 00:06:24,970 These two are your best friends for learning Splunk or troubleshooting Splunk. 81 00:06:25,000 --> 00:06:31,570 If you can't find answers, then these two portals, it's probably a product bug, in which case the 82 00:06:31,570 --> 00:06:37,270 Splunk support will come into picture to identify the bug or provide a workaround for these information. 83 00:06:38,490 --> 00:06:42,090 Can be obtained in answers to Splunk dot com and. 84 00:06:43,620 --> 00:06:45,360 Dot dot splunk dot com. 85 00:06:45,690 --> 00:06:52,020 It should be able to resolve your 80% of the issues are regarding implementation or learning.