1
00:00:04,580 --> 00:00:11,960
Since we have seen from our previous tutorials how to download Splunk packages and what all packages

2
00:00:11,960 --> 00:00:13,460
for Splunk are available,

3
00:00:14,000 --> 00:00:16,990
let's see how Splunk actually looks and feels.

4
00:00:17,000 --> 00:00:24,500
I have already my Splunk instance set up with Amazon, but we will be covering the installation of Splunk

5
00:00:24,500 --> 00:00:26,300
in the later part of the tutorial.

6
00:00:26,510 --> 00:00:27,320
Let's

7
00:00:28,190 --> 00:00:29,290
log into our Splunk.

8
00:00:29,300 --> 00:00:33,020
But these are all the concepts in Shell over your Splunk.

9
00:00:33,740 --> 00:00:35,000
It will be covering through.

10
00:00:35,450 --> 00:00:36,830
Let's go to Amazon.

11
00:00:38,510 --> 00:00:40,880
So this is our IP of the instance.

12
00:00:41,420 --> 00:00:44,630
I've already logged in. By default,

13
00:00:44,630 --> 00:00:49,700
Splunk, the UI or the Splunk web process, runs on port eight thousand.

14
00:00:50,180 --> 00:00:51,320
Let me log in.

15
00:01:01,070 --> 00:01:02,870
Once we are logged in.

16
00:01:03,440 --> 00:01:13,460
This is a simple Splunk instance which is running on Amazon with some basic infrastructure just for

17
00:01:13,460 --> 00:01:14,840
demo during this tutorial.

18
00:01:14,840 --> 00:01:21,950
So once you log in, you'll be seeing this page, which is also known as the launcher screen or the

19
00:01:21,950 --> 00:01:26,850
welcome screen, which is the default welcome page for all users.

20
00:01:26,870 --> 00:01:32,030
This can be customized to a great extent. For the simplicity of the tutorial,

21
00:01:32,330 --> 00:01:34,850
we will leave this as it is for now.

22
00:01:34,850 --> 00:01:38,480
But first, let's start with the Splunk

23
00:01:39,960 --> 00:01:48,810
icon, which will be like your home button on your mobile phones no matter where you are in Splunk.

24
00:01:48,810 --> 00:01:54,870
If you click on the Splunk icon, you'll be brought to your home page.

25
00:01:56,170 --> 00:02:02,260
The next link right next to the home button is the apps menu,

26
00:02:05,080 --> 00:02:09,980
which shows the list of apps that are installed on Splunk.

27
00:02:10,000 --> 00:02:17,830
As of now, we have just the search and reporting app, which is the basic app that comes as part of all

28
00:02:17,830 --> 00:02:19,330
Splunk instances.

29
00:02:20,020 --> 00:02:26,740
The next link in the top menu is the user menu where it displays as administrator,

30
00:02:26,890 --> 00:02:33,640
since I've logged in with admin credentials. If you are logged in as a normal user or another user,

31
00:02:33,640 --> 00:02:38,140
it will display your name, whichever is mentioned as part of the user profile.

32
00:02:39,300 --> 00:02:47,790
This has many links which are related to the user profile, where you can change your password, set your

33
00:02:48,300 --> 00:02:54,060
time zone, and most of them are explanatory.

34
00:02:54,090 --> 00:03:01,320
This is your password resetting zone you can call it as and you can set your timezone, whichever the

35
00:03:01,320 --> 00:03:02,430
location you are.

36
00:03:02,940 --> 00:03:08,850
The default application which you would like to see by default, it is the launcher.

37
00:03:08,880 --> 00:03:10,740
The second one is your search.

38
00:03:10,770 --> 00:03:16,040
These are some in-built apps which we will be going through at the later stage.

39
00:03:16,050 --> 00:03:18,870
So just remember the default is the launcher.

40
00:03:18,900 --> 00:03:21,090
The search is the search and reporting app.

41
00:03:22,370 --> 00:03:29,240
And these are some just to restart your background jobs in case if Splunk restarts so that your background

42
00:03:29,240 --> 00:03:30,980
jobs also will reinstate.

43
00:03:32,260 --> 00:03:34,960
And these are some default modes.

44
00:03:34,990 --> 00:03:41,560
Whichever you need, you'll be able to customize and the theme for highlighting the syntax while writing

45
00:03:41,560 --> 00:03:42,580
the search queries.

46
00:03:42,850 --> 00:03:52,330
These are some basic self-explanatory account settings which you'll be able to do as part of this tutorial.

47
00:03:52,360 --> 00:03:55,150
You'll be getting free access for 30 days.

48
00:03:55,150 --> 00:04:01,390
You can go around all these things once you get free access to a demo instance, which will be part

49
00:04:01,630 --> 00:04:05,620
of the complete package of this Splunk tutorial.

50
00:04:09,470 --> 00:04:14,630
Moving on to our next link on the top menu is the messages. In this,

51
00:04:15,840 --> 00:04:19,300
you can see all Splunk-related errors,

52
00:04:19,320 --> 00:04:26,910
warnings, license violation of license messages, which you should make sure being a Splunk admin or

53
00:04:26,910 --> 00:04:31,380
architect to keep the messages tab clear almost all the time.

54
00:04:33,520 --> 00:04:41,860
The next step is the Settings tab, which is the most important and crucial and includes all the configuration

55
00:04:41,860 --> 00:04:49,360
related to Splunk or under this menu, which we will be going through this complete module of settings

56
00:04:49,360 --> 00:04:55,630
in a separate section. For keeping this initial overview session short,

57
00:04:55,660 --> 00:04:58,090
let's move on to next step.

58
00:04:58,990 --> 00:05:01,450
The next is the activity tab.

59
00:05:02,200 --> 00:05:09,460
Here you will be able to see and analyze Splunk performance, where you can see how many searches are

60
00:05:09,460 --> 00:05:15,880
running, who are running, how long the searches have been running, and what are the status of the

61
00:05:16,000 --> 00:05:20,290
searches on this Splunk instance.

62
00:05:21,070 --> 00:05:27,430
As soon as you click on the jobs link, you can see I've run a couple of searches quite this back and

63
00:05:27,430 --> 00:05:33,820
it has completed and if you see all the searches that have been done, there has been only one search

64
00:05:33,820 --> 00:05:34,980
that has been run.

65
00:05:34,990 --> 00:05:41,080
This was just for testing whether my instance was up or down and whether it was indexing some data it

66
00:05:41,080 --> 00:05:41,740
was doing.

67
00:05:42,840 --> 00:05:44,040
It was up and running.

68
00:05:45,000 --> 00:05:50,250
So this information is used for troubleshooting your Splunk performance.