Getting Started

Introduction

What you’ll build, what you need, and a 60-second tour of the toolchain.

5 min Beginner overviewsetup

Welcome. Over the next hour, you’ll go from an empty terminal to a working Splunk dashboard with live, queryable data. We’ll move quickly — but every step has an escape hatch if you get stuck.

Why this workshop

Splunk is at its best when you see results in minutes, not days. This workshop is intentionally hands-on: you’ll be typing into a real terminal, pressing real keys, and watching real events stream in.

What you’ll build

By the end, your dashboard will look something like this:

Dashboard preview
Sample dashboard — yours will track ingestion rate, top sourcetypes, and event latency.

How this guide works

Every workshop in this series follows the same shape:

  1. A short framing section like this one
  2. A series of steps with code, commands, and screenshots
  3. Exercises to reinforce — with collapsible solutions
  4. A checkpoint at the end so you know everything’s wired up

Read first, run second

We strongly recommend skimming each step before typing anything. The narrative tells you why; the commands only tell you what.

Note

This theme was designed to feel like a beautifully typeset technical book — slow down, settle in, and enjoy the prose.

A note on shortcuts

Throughout the workshop, keyboard shortcuts appear like this: press Cmd+K to open the command palette, or Ctrl+Shift+P on Windows.

When you’re ready, click Next to install Splunk.

Last Modified ·