You can quickly search for only the information you want to see by entering keywords or special commands in the search box. In addition, since it is possible to intuitively narrow down the search results by mouse operation only, intuitive narrowing down is possible.

Selecting the search target period (time range)

• historical, real-time, custom
• Select by mouse operation from the timeline chart
  • zoom in/out, mouse drag

Flexible search method

• Keywords, Boolean Operations, Wildcards
• Search assist (past history, display of candidates)
• Search commands (statistical analysis, data processing)
• Saved Search: save, share/reuse search criteria

It is possible to create a pre-defined search box that allows you to search by simply entering an IP address.

• Predefine search forms to help perform simple searches
• Easy standard search
• available to everyone
• Easy customization and operation in multiple forms

It is possible to create a report from the search results with one click.

• Easily create graphs and reports such as charts, graphs, and tables based on search results
• Create a dashboard based on the report. Centralized display of various information
• Understand trends graphically. Promoting awareness through visualization
• Scheduled automatic report generation
• Regular delivery by e-mail (PDF, etc.)
• real time report

Report Acceleration technology dramatically reduces the time it takes to create reports. You can easily create a report by selecting the check Box. In addition, by automatically accumulating reports periodically as summaries, it is possible to quickly display reports covering a long period of time.

With the dynamic drill-down function, the field value clicked on the dashboard is entered as it is in the next dashboard or search box on the search screen, enabling drill-down in one step and clicking on the dashboard. The ability to drill down by clicking is now more convenient and easier to use.

Whether you're running Splunk on Linux, Unix, Mac, or Windows, you can now download report results in PDF format or email them to administrators.

It is possible to apply the search formula used for the search as it is as an alert rule.

• Flexible conditions, schedules and threshold settings
• Real-time alert
• List display by alert console
• Automatic execution of various actions
  • E-mail notification
    Results can also be attached (CSV, PDF*)
    *PDF report is available only for Linux version.
    *Separate PDF software required
  • Other alert notifications
    RSS, SNMP, etc.
  • script execution

Index Replication technology makes it possible to replicate data between multiple Index servers. This makes it possible to prevent data loss in the event of a failure of one or more Index servers and achieve high availability in cases where multiple Index servers are operated.