product
- Why choose Splunk
- Installation record
- price
- Splunk Enterprise Security
- Splunk Phantom (SOAR)
- Splunk ITSI (Next Generation IT Operations)
- Splunk Observability Cloud
- Splunk UBA
- Macnica CSIRT App Basic
- App for Splunk for Financial Institutions
- Splunk Analytics for Hadoop
- About Apps
- Splunk Edge Hub
- What is Splunk
service
- Dashboard/SPL Creation Pack [Implementation/Building Support]
- Version upgrade service [implementation and construction support]
- Smart Security Monitoring App [Original App/Service]
- Splunk × LANSCOPE Original App [Original App/Service]
- Security Monitoring App for Box [Original App/Service]
- Cloud Security Monitoring App [Original App/Service]
- List of services
- Macnica Premium Support for Splunk (utilization support, version upgrade monitoring)
- Macnica Premium Support for Splunk Skill Up Package
Specifications/Technical Information
Application for evaluation machine
- FAQ
Data model
A data model is an analytical model with a hierarchical structure that organizes meaningful search units based on one or more data sources.
Hierarchical structure is composed of meaningful searches (child searches) derived from a parent search created as a basis, as shown below.
- parent: web server access log
-
- child: communication at night
- Child: daytime communication
- Child: Communication carrying out XX
By creating a data model, for example, even if you are investigating which "connected domain" is the most frequent "nighttime", you can obtain the result by GUI operation (Pivot) without using Splunk commands. In other words, creating a data model makes it possible to prepare an environment for analyzing data without having special knowledge or skills.
If you enable the high-speed setting of the created data model, you can get results up to 1000 times faster than normal search.
In charge of Macnica Splunk Co., Ltd.
- TEL:045-476-2010
- E-mail:splunk-sales@macnica.co.jp
Weekdays: 9:00-17:00
