Database Reference
In-Depth Information
How to perform simple searches
Now we'll go on to do a couple of simple searches. In Chapter 1 , Introducing Splunk , we
brought in data from a file. This data included information on events that Splunk created
for a fictional online store that sells games. It includes logs from the web server as well as
MySQL, a backend database system. We'll do a simple search of these logs here, and will
do more advanced searches in the chapters ahead. The steps and screenshots for this pro-
cess are presented as follows:
1. First, you need to start up Splunk. Go to your start menu and activate Splunk.
Notice that on the right, you should have a substantial number of events listed.
These are the events that were indexed when you read in the file in Chapter 1 , In-
troducing Splunk .
2. You are interested in looking at all the events involving Buttercup Games, one of
the games you have at this fictional online store. Type buttercupgames into the
Search box shown in the following screenshot:
Enter buttercupgames into the search box
3. You will see something like the events listed in the following screenshot. The actu-
al events will be different, as Splunk updates the fictional data on this site. But the
events you see will have a similar structure. Incidences of the search term are high-
Search WWH ::




Custom Search