This is the code repository for Splunk Best Practices, published by Packt Publishing. It contains all the required files to run the code.
This book is for administrators, developers, and search ninjas who have been using Splunk for some time. Its comprehensive coverage makes this book great for Splunk veterans and newbies alike.
You will need at least a distributed deployment of an on-prem installation of Splunk for this book, collecting both Linux and Windows information, and a heavy forwarder as well. We will use all of these pieces to show you techniques to add value.