Product Tips
Your Splunk deployment is up and running, but you want to work faster and better. Clear and actionable product tips from Splunk experts across all our product lines will get you there. If you still can't find what you need, scroll further down the page to explore all the self-resources that Splunk has to offer.
- Administration
- Automating Splunk platform administration with a Continuous Configuration Automation framework
- Creating allows lists with the Splunk Cloud Platform Admin Configuration Service API
- Managing configurations in Splunk Cloud Platform
- Reducing platform management effort with Splunk Assist
- Scaling your Splunk Enterprise deployment
- Securing the Splunk Cloud Platform
- Troubleshooting high resource usage
- Understanding workload pricing
- Data Management
- Adding a heavy forwarder to Splunk Cloud Platform
- Alerting on missing source types
- Alerting on source type volume with machine learning
- Checking the quality of your data sources
- Configuring new source types
- Getting to know your data
- Improving data pipeline processing in Splunk Enterprise
- Merging common values from separate fields
- Normalizing values to a common field name with the Common Information Model (CIM)
- Organizing machine learning data flows
- Receiving and storing queued time series data
- Reducing event delay in Splunk Enterprise
- Reducing low-value data ingestion to improve license usage
- Reviewing data buckets retrieved during restore job
- Sampling data with Ingest Actions for data reduction
- Sending Splunk Observability events as Alert Actions from Splunk Cloud
- Setting data retention rules in Splunk Cloud Platform
- Using ingest actions with source types that are renamed with props and transforms
- Using Table Views in Splunk Enterprise
- Writing better searches with the Common Information Model
- Searching and Reporting
- Combining multiple data sources in SPL
- Following best practices for working with dashboards
- Optimizing search in Splunk Cloud Platform
- Reducing skipped searches in Splunk Cloud Platform
- Reducing skipped searches in Splunk Enterprise
- Returning terms or indexed fields from event indexes with the Walklex command
- Telling stories with your data using data visualizations
- Troubleshooting and investigating searches in Splunk Cloud Platform
- Updating deprecated HTML dashboards in Splunk Cloud Platform
- Using advanced macros
- Using summary indexing to accelerate searches in Splunk Cloud Platform
- Working with multivalue fields
- Writing better queries in Splunk Search Processing Language
Where Else to Find Help
| Resource | Description |
|---|---|
| The free Search Tutorial guides you through adding data, searching, and creating simple dashboards. | |
| Deliver apps and integrations that bring new kinds of data into the Splunk platform and deliver data-based insights. | |
| Get a free 14-day trial of Splunk Cloud Platform and search, analyze, and visualize 5 GB/day of your own data in a Splunk hosted cloud environment for fast insights. | |
|
Lunch 'n Learn |
Join these free workshops to connect & interact with experts, colleagues, and peers while learning how to use Splunk with Splunk4Rookies, Splunk4Ninjas, and more. Ask your account team how. |
| Join these virtual, interactive, hands-on, and free workshops to connect & interact with experts, colleagues, and peers while learning about topics relevant to public sector organizations. |
|
Explore guides on Splunk products. |
Get answers to your questions from Splunk know-it-alls. Or share what you’ve learned. |
Watch technical deep dives live or on demand to learn how to get the most from your data |
Learn your way around the Splunk Platform and become a certified Splunk Ninja. |
|
Partner with a technical resource to drive the success of your Splunk deployment. |
Build a strategic success plan for your Splunk deployment. |
View entitlements, licenses, submit and manage cases, access OnDemand services. |
Read and subscribe to one of our many blog categories. |
