We're at the LinuxWorld Expo, San Francisco this week in booth #463. Stop by if you'd like an in-person demo of our product (we can get you an exhibition hall pass if you need one) or feel free to check out our Splunk sandbox if you can't make it this time. We installed Splunk there and loaded a typical set of LAMP stack logs into it. There's a few hangs/failures in the logs for you to check out if you like. Be sure to try "Show Events By Time", "Show Other Search Tools", and my favorite cutesy feature "Invert".
Some perhaps non-obvious things you can do:
- See a histogram of your event types. Narrow down what you're looking at by selecting an event type.
- Narrow by source file or source file type (e.g., "just show apache logs or just show this Apache log)
- Click to narrow to an interval in the time line. Shift click to set a range. Search results updated dynamically.
- Command-Option-Click to hide results of a particular type.
Check it out and let us know what you think.
Technorati Tags: LinuxWorld, Splunk
Comments