Scribd Logo
Upload

Welcome to Scribd!

  • Splunk Fundamentals 2: Course Topics

    Uploaded by

    Srivani Boddepalli
    12 views2 pages
    This course builds on fundamentals to teach advanced searching, reporting, and knowledge object creation in Splunk. Topics include transforming data, filtering results, correlating events, creating fields, tags, and event types, using macros and workflow actions, and normalizing data with Common Information Modeling. The course uses scenario-based examples and hands-on labs to help students master complex searches, reports, charts, and other Splunk features.

    Original Description:

    Splunk6.6FundamentalsPart2Description

    Original Title

    Splunk6.6FundamentalsPart2Description

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This course builds on fundamentals to teach advanced searching, reporting, and knowledge object creation in Splunk. Topics include transforming data, filtering results, correlating events, creating fields, tags, and event types, using macros and workflow actions, and normalizing data with Common Information Modeling. The course uses scenario-based examples and hands-on labs to help students master complex searches, reports, charts, and other Splunk features.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    12 views2 pages

    Splunk Fundamentals 2: Course Topics

    Uploaded by

    Srivani Boddepalli
    This course builds on fundamentals to teach advanced searching, reporting, and knowledge object creation in Splunk. Topics include transforming data, filtering results, correlating events, creating fields, tags, and event types, using macros and workflow actions, and normalizing data with Common Information Modeling. The course uses scenario-based examples and hands-on labs to help students master complex searches, reports, charts, and other Splunk features.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Splunk Fundamentals 2

    § Using the search and where commands to filter results


    This course picks up where Splunk 6.6 Fundamentals Part 1 leaves § The filnull command
    off, focusing on more advanced searching and reporting commands
    as well as on the creation of knowledge objects. Module 6 – Correlating Events
    Scenario-based examples and hands-on challenges coach you step- § Identify transactions
    by-step through the creation of complex searches, reports, and § Group events using fields
    charts. Major topics include using transforming commands and § Group events using fields and time
    visualizations, filtering and formatting results, correlating events,
    § Search with transactions
    creating knowledge objects, using field aliases and calculated fields,
    § Report on transactions
    creating tags and event types, using macros, creating workflow
    actions and data models, and normalizing data with the Common § Determine when to use transactions vs. stats
    Interface Model (CIM). Module 7 – Introduction to Knowledge Objects
    § Identify naming conventions
    Course Topics § Review permissions
    § Transforming commands and visualization § Manage knowledge objects
    § Filtering and formatting Results Module 8 – Creating and Managing Fields
    § Correlating events § Perform regex field extractions using the Field Extractor (FX)
    § Knowledge objects § Perform delimiter field extractions using the FX
    § Fields (Field aliases, field extractions, calculated fields)
    Module 9 – Creating Field Aliases and Calculated Fields
    § Tags and event types
    § Macros § Describe, create, and use field aliases
    § Workflow actions § Describe, create and use calculated fields
    § Data models Module 10 – Creating Tags and Event Types
    § Splunk Common Information Model (CIM) § Create and use tags
    § Describe event types and their uses
    Course Prerequisites § Create an event type
    Splunk 6.6 Fundamentals Part 1
    Module 11 – Creating and Using Macros
    Class Format § Describe macros
    Instructor-led lecture with labs, delivered via virtual classroom or § Create and use a basic macro
    at your site § Define arguments and variables for a macro
    § Add and use arguments with a macro
    Course Objectives Module 12 – Creating and Using Workflow Actions
    Module 1 – Introduction § Describe the function of GET, POST, and Search workflow
    § Overview of Buttercup Games Inc. actions
    § Lab environment § Create a GET workflow action
    § Create a POST workflow action
    Module 2 – Beyond Search Fundamentals
    § Create a Search workflow action
    § Search fundamentals review
    § Case sensitivity Module 13 – Creating Data Models
    § Using the job inspector to view search performance § Describe the relationship between data models and pivot
    § Identify data model attributes
    Module 3 – Using Transforming Commands for
    § Create a data model
    Visualizations
    § Use a data model in pivot
    § Explore data structure requirements
    § Explore visualization types Module 14 – Using the Common Information Model (CIM)
    § Create and format charts and timecharts Add-On
    § Describe the Splunk CIM
    Module 4 – Using Mapping and Single Value Commands
    § List the knowledge objects included with the Splunk CIM
    § The iplocation command Add-On
    § The geostats command § Use the CIM Add-On to normalize data
    § The geom command
    § The addtotals command
    Module 5 –Filtering and Formatting Results
    § The eval command

    Splunk Education Services


    About Splunk Education
    Splunk classes are designed for specific roles such as Splunk
    Administrator, Developer, User, Knowledge Manager, or
    Architect.
    Certification Tracks
    Our certification tracks provide comprehensive education for
    Splunk customer and partner personnel according to their areas
    of responsibility.

    To view all of Splunk Education's course offerings, or to register


    for a course, go to http://www.splunk.com/goto/education
    To contact us, email education_AMER@splunk.com

    About Splunk Splunk Inc.


    Splunk is software that indexes, 270 Brannan
    manages and enables you to
    search data from any application, San Francisco, CA 94107
    server or network device in real 866.GET.SPLUNK
    time. (866.438.7758)
    sales@splunk.com
    Visit our website at
    support@splunk.com
    www.splunk.com to download your
    own free copy.

    Splunk Education Services

    You might also like