Advanced Searching & Reporting - Ingeniq Splunk Training Course

Advanced Searching & Reporting

This 13.5 hour Splunk course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts. Students are coached step by step through complex searches to produce final results. Major topics include the Splunk search process, using sub-searches, additional statistical commands and functions, formatting and calculating results, charting commands and options, correlating events, and creating advanced lookups.

Units: 3
Duration: 13.5 hours over 3 days
Time: 9am – 1:30pm AEST (GMT +10)
Cost: AUD 2,160.00 ex GST

Course Topics
  • Beyond Search Fundamentals
  • Using Sub-searches
  • Using Advanced Statistics
  • Manipulating and Filtering Data
  • Using Advanced Charting
  • Sorting, Searching, and Reformatting Time
  • Using Advanced Transactions
  • Using Advanced Lookups
  • Putting It All Together
After completing this course you will be able to:
  • Extend your basic search language knowledge
  • Understand and use sub-searches
  • Create advanced visualisations using extended search language
  • Identify events before or after events
  • Use advanced lookups
  • Understand and be able to use the DB Connect App
Class Format

Instructor-led lecture with labs. Delivered via virtual classroom or at your site.

 

Course Prerequisites
  • Splunk Fundamentals 1
  • Splunk Fundamentals 2
  • Highly recommended: 6 months' experience with the Splunk search language
Course Objectives

Module 1 – Beyond Search Fundamentals

  • Use the proper case in searches
  • Describe Splunk’s search process
  • Use the search inspector to view search performance

Module 2 – Using Sub-Searches

  • Use sub-searches to correlate data by finding events that:
    • Have matching values for a common field in the results of a sub-search
    • Do not have matching values for a common field in the results of a sub-search
    • Have matching values for a field with a different name in the results of a sub-search

Module 3 – Using Advanced Statistics

  • Use statistical functions such as min, max, mean, median, and standard deviation
  • Use the appendpipe command
  • Use the streamstats and eventstats commands

Module 4 – Using Data Manipulation and Filtering

  • Use the following commands and functions:
    • bin
    • xyseries
    • foreach
    • Filtering commands – search
    • Filtering commands – where
    • where functions: like, isnull
    • eval functions: strftime, upper, case, replace

Module 5 – Using Advanced Charting

  • Use the following commands and functions:
    • untable
    • addtotals
    • append and appendcols

Module 6 – Sorting, Searching, and Reformatting Time

  • Search for events using custom time ranges
  • Search for events within a window of time
  • Display and use relative dates
  • Use the return command

Module 7 – Using Advanced Transactions

  • Find events logged before a particular event occurs
  • Find events logged after a particular event occurs
  • Compare complete transactions
  • Analyze transactions

Module 8 – Using Advanced Lookups

  • Include events based on values in a lookup table
  • Exclude events based on values in a lookup table
  • Build a baseline lookup table and reference the baseline values in alerts

Module 9 – Putting It All Together

Audience

Anyone in a technical role who needs to use more complex searches or reports, or who is looking to become Splunk certified. Previous attendees have included Consultants, IT Administrators, Data Scientists, Security and Risk Professionals and Solution Architects.

Advanced Searching & Reporting Course Dates

Advanced Searching and Reporting – 4th-6th June

This 13.5 hour course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create…

$2,160.00

Advanced Searching and Reporting – 18th-20th July

This 13.5 hour course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create…

$2,160.00