What is a quick, comprehensive way to learn what data is present in a Splunk deployment?

Prepare for the Splunk SPLK-1001 exam. Study with flashcards and multiple choice questions, each with hints and explanations. Ace your exam with confidence!

Clicking "Data Summary" in Splunk Web is a quick and comprehensive way to learn about the data present in a Splunk deployment. The Data Summary feature provides an organized overview of the various data sources that are ingested into Splunk, along with the respective indexes, sourcetypes, and hosts. This lets users navigate their data easily and see how it is structured and where it comes from, without needing to run complex queries or reports.

The other methods mentioned, though useful in their own right, do not provide as immediate or comprehensive an overview. For instance, reviewing Splunk reports would require prior knowledge of what kind of reports have been generated, potentially leaving gaps in awareness about other data that might be present. Running the command './splunk show' returns specific information about the Splunk instance and its status rather than a detailed data inventory. Lastly, performing a search using the index and sourcetype can yield results, but it requires familiarity with the indexing structure and may not present a complete picture of all available data at once. Therefore, using the Data Summary feature is the most efficient way to get a holistic view of the data in a Splunk deployment.
