All I Want for Christmas is a Support
Resolution
Resolution
This critical piece of information, often found under the, "About" section in Splunk, is essential when opening a support case.
What is Splunk version?
This is the primary purpose of Splunk, enabling organizations to make sense of machine-generated data.
What is collecting, indexing, and analyzing machine-generated data?
Types of search modes supported in Splunk
What is Fast Mode, Smart Mode, and Verbose Mode?
Customers on the Standard Success Plan receive this many Education Training Units.
What is 700?
The number of pillars or partnership areas.
What is three?
This command-line tool is used to collect diagnostic information from Splunk instances and is commonly requested by Support to troubleshoot issues.
What is splunk diag?
Splunk uses this query language to search, filter, and analyze data.
What is Search Processing Language (SPL)?
Type of Splunk Cloud deployment that supports self-service app installation
What is Victoria Experience?
This Splunk platform offers on-demand training and certifications to help customers deepen their knowledge of Splunk.
What is STEP?
This persona is responsible for the adoption of new customer use cases.
Who is the Solutions Architect (formerly SE)?
Daily Double!!!
When submitting a support ticket, these three key details about the issue ensure faster resolution,
What are the problem description, steps to reproduce, and relevant logs?
This Splunk component is responsible for storing and managing indexed data.
What is the indexer?
The amount of time that data restored from DDAA is searchable
What is 30 days?
This is the primary online portal where customers can find documentation, guides, and resources for using Splunk products.
What is Splunk Documentation?
This is a collaborative process to account for and mitigate risk.
What is Unified Risk Management (URM)?
This Splunk log file, located under $SPLUNK_HOME/var/log/splunk, is often reviewed by Support for errors related to indexing and search.
What is splunkd.log
This type of Splunk component forwards data from remote sources to Splunk indexers.
What is a Splunk forwarder?
Daily Double!!
The size of uncompressed data that is indexed on a daily basis in Splunk Cloud is used to help customers define which part of the Splunk architecture?
What is storage?
Premium Success customers receive this many OnDemand credits to enhance their Splunk experience.
What is 30?
Tasks required in support of a customers business objectives are contained in this plan
What is a Success Plan?
Splunk support may request targeted logging by adjusting settings for specific components. Engineers achieve this by modifying this configuration file or running this REST API endpoint.
What are log.cfg and services/server/logger?
In SPL, these two commands can be used to filter results based on specific conditions.
What are the where and search commands?
This model helps quantify the business benefits and cost differentiation for choosing between different Splunk deployment options (e.g. on-prem, BYOL, SaaS)?
What is the Total Cost of Ownership or TCO Model?
This is the name of Splunk's online community where customers can connect with peers, share best practices, and get help from experts.
What is Splunk Community or Splunk Answers?
Risks can be identified by this group.
Who is everyone?