Splunk

Where can I practice splunk search commands for free?

December 7, 2018 comments off

For newbies Splunk has provided Splunk free online sandbox where you can try splunk and practice on it. Below is link for splunk online sandbox.You need to register on splunk website for accessing sandbox. You can download our sample logs from link given below and get same results as shown in below screenshots or you can try same commands with your logs added to splunk

Splunk Sandbox
https://www.splunk.com/blog/2016/03/22/your-splunk-sandbox.html

Step 1 – Install Splunk Enterprise
You may install Splunk Enterprise on your local workstation (desktop/laptop), vms or using docker. Here is the documents for Splunk manual installation.
http://docs.splunk.com/Documentation/Splunk/7.2.0/Installation/Whatsinthismanual

Step 2 – Convert it to the free license
Once Splunk Enterprise is installed you’ll want to convert it to the free license so you can use it perpetually without any hassle.
If you currently have Splunk Enterprise (trial or not), you can either wait for your Enterprise license to expire, or switch to a Free license at any time. To switch to a Free License:
A. Log in to Splunk Web as a user with admin privileges and navigate to Settings > Licensing.
B. Click Change license group at the top of the page.

Step 3 – Download the sample data files
Download the tutorialdata.zip file. Do not uncompress the file.
Download the Prices.csv.zip file. Do not uncompress the file at this time.

Step 4 – Play in your Splunk Sandbox
Follow the follwing url for Search Tutorial.
http://docs.splunk.com/Documentation/Splunk/latest/SearchTutorial/WelcometotheSearchTutorial

Rajesh Kumar
Follow me
Latest posts by Rajesh Kumar (see all)