Splunk Fundamentals 1 - Legacy Course Information
The Splunk Fundamentals 1 course is a self-paced e-learning that teaches you how to search and navigate in Splunk, use fields, get statistics from your data, create reports, dashboards, lookups, and alerts.
It will also introduce you to Splunk’s datasets features and Pivot interface.
​
This Fundamentals 1 Splunk Courses have been replaced by shorter Splunk single-subject course modules, this page have been retained to assist customers.
To see which courses have replaced Splunk Fundamentals 1 and book the equivalent course click here Single-subject to Multi-subject course mapping.
Alternatively contact one of our Training Consultants on 1300 245 802 or email sales@ingeniq.com.au
​
​
Splunk Fundamentals 1 - Course Topics
-
Introduction to Splunk’s interface
-
Basic Searching
-
Using fields in searches
-
Search Fundamentals
-
Transforming commands
-
Creating reports and dashboards
-
Datasets
-
The Common Information Model (CIM)
-
Creating and using lookups
-
Scheduled Reports
-
Alerts
-
Using Pivot
Class Format
Self-paced e-learning, requires HTML5 compatible browser. OR Instructor led version of the course delivered as a two – day class.
Course Prerequisites
None
Related Certifications
Splunk Fundamentals 1 - Audience
Anyone whose role requires them to view or run reports within Splunk.
Previous attendees have had various roles within their organisations such as Consultants, IT Operations/Security, Business Intelligence/Business Analysts and Marketing Professionals, Solution Architects and Application Developers.
After completing Splunk Fundamentals 1 course you will be able to
-
Get working, hands-on knowledge of all aspects of Splunk from an end-users perspective
-
Learn how to use the pivot tool to create charts without the use of the search language
-
Learn the basics of searching which will enable you to create and save simple searches and reports
-
You will also be able to create powerful, interactive visualisations which you can save as dashboards, which allow you to quickly see your data the way you want it.
Splunk Fundamentals 1 - Course Objectives
Module 1 – Introduction
-
How to Use the eLearning Interface
-
Overview of Buttercup Games Inc.
Module 2 – What is Splunk?
-
Splunk Components
-
Installing Splunk
-
Getting data into Splunk
Module 3 - Introduction to Splunk’s User Interface
-
Understand the uses of Splunk
-
Define Splunk Apps
-
Customizing your user settings
-
Learn basic navigation in Splunk
Module 4 - Basic Searching
-
Run basic searches
-
Use autocomplete to help build a search
-
Set the time range of a search
-
Identify the contents of search results
-
Refine searches
-
Use the timeline
-
Work with events
-
Control a search job
-
Save search results
Module 5 - Using Fields in Searches
-
Understand fields
-
Use fields in searches
-
Use the fields sidebar
Module 6 – Search Language Fundamentals
-
Review basic search commands and general search practices
-
Examine the search pipeline
-
Specify indexes in searches
-
Use autocomplete and syntax highlighting
-
Use the following commands to perform searches:
-
tables
-
rename
-
fields
-
dedup
-
sort
Module 7 – Using Basic Transforming Commands
-
The top command
-
The rare command
-
The stats command
Module 8 – Creating Reports and Dashboards
-
Save a search as a report
-
Edit reports
-
Create reports that include visualizations such as charts and tables
-
Create a dashboard
-
Add a report to a dashboard
-
Edit a dashboard
Module 9 – Datasets and the Common Information Model
-
Naming conventions
-
What are datasets?
-
What is the Common Information Model (CIM)?
Module 10 – Creating and Using Lookups
-
Describe lookups
-
Create a lookup file and create a lookup definition
-
Configure an automatic lookup
Module 11 – Creating Scheduled Reports and Alerts
-
Describe scheduled reports
-
Configure scheduled reports
-
Describe alerts
-
Create alerts
-
View fired alerts
Module 12 – Using Pivot
-
Describe Pivot
-
Understand the relationship between data models and pivot
-
Select a data model object
-
Create a pivot report
-
Create an instant pivot from a search
-
Add a pivot report to a dashboard
​
Splunk Course Schedules and Timezones
Ingeniq Course are delivered live and in English and provide access to customers spanning multiple timezones.
​
Dates and times displayed for each course are relative to Australian Eastern Time (AET).
​
​
AM Marked Splunk Courses
AM marked courses start at AET 9:00am and finish at AET 1:30pm (4.5 hour sessions over 1 or more days) and are optimal for customers in the following countries and areas;
​
-
UTC+10 including Australia (East Coast)
-
UCT+11/+12 including New Zealand and the Pacific Islands
-
UTC-8 including USA (West Coast), Canada (West Coast)
-
UTC-7 including USA (Mid West)
PM Marked Splunk Courses
PM marked courses start at AEDT 12:00pm and are optimal for customers in the following countries and areas;
​
-
UTC+10 including Australia (East Coast)
-
UCT+11/+12 including New Zealand and the Pacific Islands
-
UTC-8 including USA (West Coast), Canada (West Coast)
-
UTC-7 including USA (Mid West)