Security business menu
Security business
HOME
To be elected
cause
Service
Handling Manufacturer
Examples/reports/
Blog/Glossary
Seminar/
video on demand
TOP
Products/Services
Specifications/Technical Information
solution
User stories
support
Seminar content
Evaluation machine application/FAQ
Document request
inquiry
Event/Seminar
video on demand

Data model

A data model is an analytical model with a hierarchical structure that organizes meaningful search units based on one or more data sources.

Hierarchical structure is composed of meaningful searches (child searches) derived from a parent search created as a basis, as shown below.

  • parent: web server access log
    1. child: communication at night
    2. Child: daytime communication
    3. Child: Communication carrying out XX
*Both parent search and child search are defined so that any field can be selected. (Destination domain, internal IP, number of bytes sent, destination country information, etc.)

By creating a data model, for example, even if you are investigating which "connected domain" is the most frequent "nighttime", you can obtain the result by GUI operation (Pivot) without using Splunk commands. In other words, creating a data model makes it possible to prepare an environment for analyzing data without having special knowledge or skills.

If you enable the high-speed setting of the created data model, you can get results up to 1000 times faster than normal search.

to previous page