Product Tips
Your Splunk deployment is up and running, but you want to work faster and better. Clear and actionable product tips from Splunk experts across all our product lines will get you there. If you still can't find what you need, scroll further down the page to explore all the resources that Splunk has to offer.
- Administration
- Automating Splunk platform administration with a Continuous Configuration Automation framework
- Configuring Splunk for Common Access Card (CAC) authentication
- Creating allows lists with the Splunk Cloud Platform Admin Configuration Service (ACS) API
- Introduction to the Splunk Distributed Deployment Server (SDDS)
- Managing configurations in Splunk Cloud Platform
- Reducing Splunk Enterprise management effort with Splunk Assist
- Scaling your Splunk Enterprise deployment
- Securing the Splunk Cloud Platform
- Securing the Splunk platform with TLS
- Setting up deployment server apps for the enterprise environment
- Troubleshooting compatibility issues between components or apps in Splunk Enterprise
- Troubleshooting data not coming in from a Universal Forwarder
- Troubleshooting high resource usage in Splunk Enterprise
- Understanding workload pricing in Splunk Cloud Platform
- Using the deployer
- Data Management
- Adding a heavy forwarder to Splunk Cloud Platform
- Alerting on missing source types
- Alerting on source type volume with machine learning
- Checking the quality of your data sources
- Configuring new source types
- Getting to know your data
- Improving data pipeline processing in Splunk Enterprise
- Merging common values from separate fields
- Normalizing values to a common field name with the Common Information Model (CIM)
- Organizing machine learning data flows
- Preparing data for use with the Machine Learning Toolkit (MLTK)
- Receiving and storing queued time series data
- Reducing event delay in Splunk Enterprise
- Reducing low-value data ingestion to improve license usage
- Sampling data with ingest actions for data reduction
- Sending Splunk Observability events as Alert Actions
- Setting data retention rules in Splunk Cloud Platform
- Solving data quality issues
- Using ingest actions in Splunk Enterprise
- Using ingest actions with source types that are renamed with props and transforms
- Using OpenTelemetry to get data into Splunk Cloud Platform
- Using Table Views to prepare data without SPL
- Writing better searches with the Common Information Model
- Searching and Reporting
- Accessing search history
- Adding trigger conditions to alerts
- Combining multiple data sources in SPL
- Following best practices for working with dashboards
- Hiding rows or panels in dashboards with XML
- Optimizing search
- Prioritizing scheduled searches
- Reducing skipped searches
- Reducing Smartstore cache churn with smart Workload Management rules
- Replacing null values by using the fillnull and filldown commands
- Returning terms or indexed fields from event indexes with the Walklex command
- Telling stories with your data using data visualizations
- Troubleshooting and investigating searches
- Updating deprecated HTML dashboards
- Using advanced macros
- Using summary indexing to accelerate searches
- Using the highlight command
- Using the makeresults command
- Using the top and rare commands
- Working with multivalue fields
- Writing better queries in Splunk Search Processing Language
Where Else to Find Help
| Resource | Description |
|---|---|
| The free Search Tutorial guides you through adding data, searching, and creating simple dashboards. | |
| Deliver apps and integrations that bring new kinds of data into the Splunk platform and deliver data-based insights. | |
| Get a free 14-day trial of Splunk Cloud Platform and search, analyze, and visualize 5 GB/day of your own data in a Splunk hosted cloud environment for fast insights. | |
|
Lunch 'n Learn |
Join these free workshops to connect & interact with experts, colleagues, and peers while learning how to use Splunk with Splunk4Rookies, Splunk4Ninjas, and more. Ask your account team how. |
| Join these virtual, interactive, hands-on, and free workshops to connect & interact with experts, colleagues, and peers while learning about topics relevant to public sector organizations. | |
| Migrating from on-premises to Splunk Cloud Platform | Follow our step-by-step guide of resources, tools, services, and best practices to ensure your move to the cloud is successful. |