Splunk Fundamentals 2 – 5-8 May
17422
product-template-default,single,single-product,postid-17422,woocommerce,woocommerce-page,ajax_fade,page_not_loaded,,qode-theme-ver-1.5,wpb-js-composer js-comp-ver-4.3.5,vc_responsive

Splunk Fundamentals 2 - 5-8 May

Splunk Fundamentals 2 – 5-8 May

$3,448.00

Course Topics
  • Transforming commands and visualization
  • Filtering and formatting Results
  • Correlating events
  • Knowledge objects
  • Fields (Field aliases, field extractions, calculated fields)
  • Macros
  • Workflow actions
  • Data models
  • Splunk Common Information Model (CIM)
Class Format

Instructor-led lecture with labs. Delivered via virtual classroom or at your site.

 

Course Prerequisites

None

Course Objectives

Module 1 – Introduction

  • Overview of Buttercup Games Inc.
  • Lab environment

Module 2 – Beyond Search Fundamentals

  • Search Fundamentals review
  • Case sensitivity
  • Using the job inspector to view search performance

Module 3 – Using Transforming Commands for Visualisations

  • Explore data Structure requirements
  • Explore Visualisation types
  • Create and format charts and timecharts

Module 4 – Using Mapping and Single Value Commands

  • The iplocation Command
  • The geostats Command
  • The geom Command
  • The addtotals Command

Module 5 – Filtering and Formatting results

  • The eval Command
  • Using the search and where commands to filter results
  • The filnull command

Module 6 – Correlating Events

  • Identify Transactions
  • Group events using fields
  • Group events using fields and time
  • Search on transactions
  • Report on transactions
  • Determine when to use transactions vs. stats

Module 7 – Introduction to Knowledge Objects

  • Identify naming conventions
  • Review Permissions
  • Manage Knowledge Objects
Category: Tag:

This 18 hour over 4 days course focuses on searching and reporting commands as well as on the creation of knowledge objects.