Install Splunk

Time to install Splunk! Then, using the Buttercup Games tutorial data provided by Splunk, you should explore some of the core search features.

Visit the Splunk site and download Splunk Enterprise free trial (as of November 2023, Splunk’s most current version is 9).

For the rest of the activity, you will be using Splunk’s dataset and documentation to covering some of the following Splunk features:

1. Splunk interface walk-through
2. Anatomy of search
3. Basis search syntax
4. Explain core search features
   1. Index
   2. Source
   3. Sourcetype