Splunk Fundamentals 2 – 3rd-6th March


Units: 4

Duration: 18 hours over 4 days

Time: 9am – 1:30pm AEST (GMT +10)

Major topics include using transforming commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalizing data with the Common Information Model (CIM).

Course Topics
  • Transforming commands and visualization
  • Filtering and formatting results
  • Correlating events
  • Knowledge objects
  • Fields (Field aliases, field extractions, calculated fields)
  • Macros
  • Workflow actions
  • Data models
  • Splunk Common Information Model (CIM)
Class Format

Instructor-led lecture with labs. Delivered via virtual classroom or at your site.


Course Prerequisites


Course Objectives

Module 1 – Introduction

  • Overview of Buttercup Games Inc.
  • Lab environment

Module 2 – Beyond Search Fundamentals

  • Search Fundamentals review
  • Case sensitivity
  • Using the job inspector to view search performance

Module 3 – Using Transforming Commands for Visualisations

  • Explore data structure requirements
  • Explore visualisation types
  • Create and format charts and timecharts

Module 4 – Using Mapping and Single Value Commands

  • The iplocation Command
  • The geostats Command
  • The geom Command
  • The addtotals Command

Module 5 – Filtering and Formatting results

  • The eval Command
  • Using the search and where commands to filter results
  • The fillnull command

Module 6 – Correlating Events

  • Identify Transactions
  • Group events using fields
  • Group events using fields and time
  • Search on transactions
  • Report on transactions
  • Determine when to use transactions vs. stats

Module 7 – Introduction to Knowledge Objects

  • Identify naming conventions
  • Review Permissions
  • Manage Knowledge Objects

This 18-hour course, delivered over 4 days, focuses on searching and reporting commands as well as on the creation of knowledge objects.