Getting Started

Introduction

What you’ll build, what you need, and a 60-second tour of the toolchain.

5 min · Beginner · overview · setup

Welcome. Over the next hour, you’ll go from an empty terminal to a working Splunk dashboard with live, queryable data. We’ll move quickly — but every step has an escape hatch if you get stuck.

Why this workshop

Splunk is at its best when you see results in minutes, not days. This workshop is intentionally hands-on: you’ll be typing into a real terminal, pressing real keys, and watching real events stream in.

What you’ll build

By the end, your dashboard will look something like this:

[Image: dashboard preview]
Sample dashboard — yours will track ingestion rate, top sourcetypes, and event latency.

How this guide works

Every workshop in this series follows the same shape:

  1. A short framing section like this one
  2. A series of steps with code, commands, and screenshots
  3. Exercises to reinforce — with collapsible solutions
  4. A checkpoint at the end so you know everything’s wired up

Read first, run second

We strongly recommend skimming each step before typing anything. The narrative tells you why; the commands only tell you what.

Note

This theme was designed to feel like a beautifully typeset technical book — slow down, settle in, and enjoy the prose.

A note on shortcuts

Throughout the workshop, keyboard shortcuts appear like this: press Cmd+K to open the command palette, or Ctrl+Shift+P on Windows.

When you’re ready, click Next to install Splunk.
