Splunk® Enterprise

Search Tutorial 8.2.2

What you need for this tutorial
Generated: 8/27/2021 9:31 pm

Copyright (c) 2021 Splunk Inc. All Rights Reserved

What you need for this tutorial
You need to create a Splunk.com account, access the free Trial version of the Splunk software, and download the tutorial
data files. There might be other prerequisites, depending on which Splunk platform you use.

Create a splunk.com account

You need a splunk.com account to download the free Trial version of the Splunk software. Creating an account is free. If
you do not already have a Splunk.com account, you need to create an account. If you already have an account, you need
to log in to that account.

1. In a separate browser window, go to https://www.splunk.com/.

♦ Use CTRL+click on the link to open the web site in a new browser tab.
♦ By using a separate browser tab, you will keep this open this tab with the Search Tutorial instructions.
You can switch back and forth between the browser tabs.
2.
In the upper right corner of the window, click the Splunk Account icon .
If you are already logged in, your name appears next to the icon.

♦ To create an account, click Sign Up and complete the registration information.

♦ To log in to an existing account, click Login.

Choose a platform

You can use this tutorial with a Trial version of Splunk Cloud or Splunk Enterprise. The main difference in the Trial
versions is the length of the license.

Splunk Cloud
When you start a Splunk Cloud Trial, you have access to Splunk Cloud for 15 days. The Trial license includes all
of the features in Splunk Cloud, and access to select premium applications and add-ons. You can index up to
5GB of data each day.

After 15 days, the access to your Splunk Cloud Trial expires.

Splunk Enterprise
When you download Splunk Enterprise for the first time, you get a Splunk Enterprise Trial license for 60 days.
This trial license includes all of the features in Splunk Enterprise, and access to all premium applications and
add-ons. You can index up to 500MB of data each day.

After 60 days, the Enterprise Trial license converts to a perpetual Free license and some of the features, such as
user preferences, authentication, and alerting are disabled. The Free license also includes the 500MB daily
indexing volume, but there is no expiration date. See About Splunk Free in the Admin manual.

System requirements

Ensure that your computer meets the system requirements for your chosen platform.

1
Splunk Cloud

You must have a web browser. The latest versions of Chrome, Firefox, and Safari browsers are supported with
Splunk Cloud.

Splunk Enterprise

You can use Splunk Enterprise on Linux, Windows, or macOS (10.14 and 10.15 only). For this tutorial, your
computer must meet the specifications listed in the following table.

Requirement Minimum supported hardware capacity

Non-Windows platforms 2-core 64-bit CPU at 2GHz or greater, 4GB RAM

Windows platforms 2-core 64-bit CPU at 2GHz or greater, 4GB RAM

Web browser The latest versions of Chrome, Firefox, and Safari browsers are supported.

Download the tutorial data files

This tutorial uses a fictitious game store, called Buttercup Games, that sells games and related items in an online store.

You must download several data files to use with the tutorial. The data files contain web access log files, secure formatted
log files, sales log files, and a price list in a CSV file.

If you use the Safari browser, under Preferences > General, ensure that the Open "safe" files after downloading option
is unchecked. The tutorialdata.zip file must be compressed to upload the file successfully.

1. Download the tutorialdata.zip file. Do not uncompress the file.

2. Download the Prices.csv.zip file. Do not uncompress the file at this time.

Access the Trial version of the Splunk software

For this tutorial, use the latest version of the software.

If you downloaded the Splunk Enterprise Trial software previously, download the Trial software again. It is possible that
your Splunk Enterprise Trial license converted to a Free license. The Free license has some limitations that will not
allow you to complete all parts of this tutorial.

1. Go back to the tab in your browser for the Splunk web site, https://www.splunk.com/.
2. In the upper right corner of the window, click Free Splunk.
3. Choose the platform you want to use and click on the link to download the Trial software.

Splunk Cloud

1. Confirm that you are not a robot.

2. Click Start Trial.
3. A confirmation page appears stating "Your Splunk Cloud Trial is Ready!". Click View My Instance.
You will also receive an email with the URL to your Splunk Cloud Trial and other useful information.

2
 4. Accept the Terms of Service. Splunk Cloud should open in a browser window.
5. See Next step.

Splunk Enterprise

1. Identify the installer that you want to use with the tutorial.
Operating
For this tutorial Available installers
system
Use the MSI file graphical installer that is appropriate for 2 installers. An MSI file for 64-bit and an MSI file
Windows
you computer. for 32-bit.

3 installers. A RPM package, a DEB package,

Linux Use the file that is appropriate for your Linux distribution.
and a compressed TAR (.tgz) file.

Use the DMG packaged graphical installer.

macOS Support for MacOS is deprecated. You can install Splunk
Enterprise only on versions 10.14 or 10.15.

2 installers. A compressed TAR (.tgz) file installer and a DMG package.

2. Click Download Now next to that installer.
3. See Next step.

Next step

The next step depends on the Splunk platform that you are using.

Splunk Cloud

Splunk Web should launch automatically. The email you receive about your Splunk Cloud Trial contains the
username and password that you can use to access Splunk Cloud. The default username is sc_admin.

If you see a window welcoming you to the Splunk Cloud Trial and inviting you to Drop your data file here, close
that window. You will upload the tutorial data In Part 2. For now, go to Navigating Splunk Web.

Splunk Enterprise

You must install Splunk Enterprise.

See also

System Requirements in the Installation Manual

Types of Splunk licenses in the Admin Manual