Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SplunkのData Model Accelerationは何故早いのか

Avatar for odorusatoshi odorusatoshi
September 02, 2019
Technology
1
1.6k

SplunkのData Model Accelerationは何故早いのか

Data Model Acceleration(データモデル高速化)の仕組みをご紹介。

Avatar for odorusatoshi

odorusatoshi

September 02, 2019
Tweet

More Decks by odorusatoshi

See All by odorusatoshi
入門 PEAK Threat Hunting @SECCON
Avatar for odorusatoshi odorusatoshi
0
460
AWS VPC Traffic Mirroringを使って​ Fraud監視をスタート!​
Avatar for odorusatoshi odorusatoshi
0
310
無償のセキュリティ神Apps10選
Avatar for odorusatoshi odorusatoshi
0
1.3k
SplunkとThreat Hunting
Avatar for odorusatoshi odorusatoshi
1
1.6k
Splunking_webproxy
Avatar for odorusatoshi odorusatoshi
0
450
Splunking_ActiveDirectory
Avatar for odorusatoshi odorusatoshi
0
400
Splunking_fw_dns
Avatar for odorusatoshi odorusatoshi
0
590
Splunking_sysmon
Avatar for odorusatoshi odorusatoshi
0
540
Splunking_AWS_security
Avatar for odorusatoshi odorusatoshi
0
330

Other Decks in Technology

See All in Technology
GitHub Copilot CLI で Azure Portal to Bicep
Avatar for Yuta Matsumura tsubakimoto_s
0
290
ThetaOS - A Mythical Machine comes Alive
Avatar for Martijn aslander
0
220
なぜarray_firstとarray_lastは採用、 array_value_firstとarray_value_lastは 見送りだったか / Why array_value_first and array_value_last was declined, then why array_first and array_last was accpeted?
Avatar for 02 cocoeyes02
0
270
GitHub Advanced Security × Defender for Cloudで開発とSecOpsのサイロを超える: コードとクラウドをつなぐ、開発プラットフォームのセキュリティ
Avatar for yuriemori yuriemori
1
110
俺の/私の最強アーキテクチャ決定戦開催 ― チームで新しいアーキテクチャに適合していくために / 20260322 Naoki Takahashi
Avatar for SHIFT EVOLVE shift_evolve
PRO
1
470
Physical AI on AWS リファレンスアーキテクチャ / Physical AI on AWS Reference Architecture
Avatar for shota aws_shota
1
180
Astro Islandsの 内部実装を 「日本で一番わかりやすく」 ざっくり解説!
Avatar for Wu Kenji knj
0
320
FastMCP OAuth Proxy with Cognito
Avatar for iganin hironobuiga
3
220
PostgreSQL 18のNOT ENFORCEDな制約とDEFERRABLEの関係
Avatar for Yasuo Honda yahonda
0
150
「AIエージェントで変わる開発プロセス―レビューボトルネックからの脱却」
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
0
180
DDD×仕様駆動で回す高品質開発のプロセス設計
Avatar for Koichiro Matsuoka littlehands
6
2.7k
AI時代のオンプレ-クラウドキャリアチェンジ考
Avatar for Yutaro Shirayama yuu0w0yuu
0
610

Featured

See All Featured
SEOcharity - Dark patterns in SEO and UX: How to avoid them and build a more ethical web
Avatar for Sara Fernández Carmona sarafernandez
0
150
Side Projects
Avatar for Sacha Greif sachag
455
43k
More Than Pixels: Becoming A User Experience Designer
Avatar for Michelle Schulp Hunt marktimemedia
3
360
Prompt Engineering for Job Search
Avatar for Mfonobong Umondia mfonobong
0
240
A brief & incomplete history of 
UX Design for the World Wide Web: 1989–2019
Avatar for Jason CranfordTeague jct
1
330
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
666
130k
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
Avatar for Aleyda Solis aleyda
2
10k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
Avatar for mongodb mongodb
49
9.9k
The Psychology of Web Performance [Beyond Tellerrand 2023]
Avatar for Tammy Everts tammyeverts
49
3.3k
[SF Ruby Conf 2025] Rails X
Avatar for Vladimir Dementyev palkan
2
870
JavaScript: Past, Present, and Future - NDC Porto 2020
Avatar for David Neal reverentgeek
52
5.9k
The Invisible Side of Design
Avatar for Vitaly Friedman smashingmag
302
51k

Transcript

  1. © 2018 SPLUNK INC. © 2018 SPLUNK INC. Data Model

    Acceleration   Senior Sales Engineer 2019.07.06 Ver0.2

  2. © 2018 SPLUNK INC.     .C 

     @A024 # "$6     !E3 # # "$/;   =Authentication# *#+   # "$172 &+%-D 9B)8 &+% ?: (,$# "$/;5<4    ># "$Authentication'"$

  3. © 2018 SPLUNK INC.   Pivot# " $ (=)

    !

  4. © 2018 SPLUNK INC. ▶ ,4) • +4)4('#:6A<(&.(2@ -1(.tsidx*2)EC •

    -1indexbucket=?N  • -17;UQ> -1TRM J -1307;UPO • (&.(2$03!/4D@85 -1@#)3"LKG?(& .(29C@1%#FSHB ▶ I   • _raw .tsidx  ””         .'+*,.)- !&.#+(.!.$  

  5. © 2018 SPLUNK INC. :8'+(.tsidx%,)/= #!(#, *-).10 .tsidx2&.!64?> rawdata 

      5 <  3;"10 .tsidx2$-97 RawData          

  6. © 2018 SPLUNK INC.     #! "#!

       *%($# +) ($ . "'&0/  • 100% 21($ # +)  •  46.12MB- , !

  7. © 2018 SPLUNK INC.  VS  " 5/ #$-6

    0Authentication2 0Authentication!1'  +%)$  ,* )$2 (&43   19.202.  4.633.

  8. © 2018 SPLUNK INC. * '    @=+

    E/BC46'(Linuxwindows vpn )< %&+46?> &#<1  CIM;D Datamodel9, | datamodel *A+ !(3/246' Datamodel8 ) $  Datamodel *A+ %( :@+ *A(tstats) 8 )F | tstats !(3/246' Datamodel8 SPL !)  $  Datamodel *A+ %( :@+ Pivot-78 & #5. | pivot "-7 0 ,$( '#   "( ( ) I M f e f e fd C M d

  9. © 2018 SPLUNK INC. |datamodel     

      |datamodel Authentication search | search

  10. © 2018 SPLUNK INC. |tstats  Datamodel   

    |tstats summariesonly=true count from datamodel=Authentication groupby Authentication.user

  11. © 2018 SPLUNK INC. stats VS tstats VS tstats(summariesonly=t) Firewall

     !  • 0.299 • tstats summariesonly=t • ! $ • 4.239 • tstats summariesonly=f • #"_raw  • 28.966 • stats

  12. © 2018 SPLUNK INC. ▶ #& $"%!& *  https://docs.splunk.com/Documentation/Splunk/7.3.0/Knowledge/Aboutsummaryindex

    ing ▶ PIVOT vs DATAMODEL vs TSTATS (by Splunk Answers) https://answers.splunk.com/answers/330264/pivot-vs-datamodel-vs-tstats.html ▶   ' How Search Works - $$TSIDXTERM + () https://www.slideshare.net/takashikomatsubara50/how-search-works-tsidxterm