Splunk 简明教程
Splunk - Interface
Splunk Web 界面包含您搜索、报告和分析已导入数据的所需的所有工具。同一个 Web 界面提供用于管理用户及其角色的功能。它还提供 Splunk 中可用的用于数据导入和内置应用程序的链接。
The Splunk web interface consists of all the tools you need to search, report and analyse the data that is ingested. The same web interface provides features for administering the users and their roles. It also provides links for data ingestion and the in-built apps available in Splunk.
下图显示了使用管理员凭据登录 Splunk 后的初始屏幕。
The below picture shows the initial screen after your login to Splunk with the admin credentials.
Administrator Link
管理员下拉选项让用户设置和编辑管理员的详细信息。我们可以使用下面的屏幕重新设置管理员的电子邮件 ID 和密码−
The Administrator drop down gives the option to set and edit the details of the administrator. We can reset the admin email ID and password using the below screen −
除管理员链接外,我们还可以导航到“偏好设置”选项,在该选项中,我们可以在登录后设置时区和打开登录页面的主页应用程序。目前,它打开“主页”,如下所示−
Further from the administrator link, we can also navigate to the preferences option where we can set the time zone and home application on which the landing page will open after your login. Currently, it opened on the Home page as shown below −
Settings Link
这是一个链接,它显示 Splunk 中可用的所有核心功能。例如,您可以选择查找链接添加查找文件和查找定义。
This is a link which shows all the core features available in Splunk. For example, you can add the lookup files and lookup definitions by choosing the lookup link.
我们将在后续章节中讨论这些链接的重要设置。
We will discuss the important settings of these links in the subsequent chapters.
Search and Reporting Link
查找和报告链接将我们带到一个页面,在这个页面上,我们可以找到可用于搜索为这些搜索创建的报告和警报的数据集。它在下面的屏幕截图中显示得很清楚−
The search and reporting link takes us to the features where we can find the data sets that are available for searching the reports and alerts created for these searches. It is clearly shown in the below screenshot −
