Advanced Searching and Reporting

This course date is no longer on offer. Similar courses can be found here
  • Venue

  • Region:
    ONLINE
  • Address:
  • Date

  • Duration:
    1 day

Course description: Advanced Searching and Reporting

This 13-hour course supplements the Splunk Fundamentals 2 class. It focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts. Students are coached step by step through complex searches to produce final results. Major topics include the Splunk search process, using subsearches, additional statistical commands and functions, formatting and calculating results, charting commands and options, correlating events, creating advanced lookups, and searching tsidx files.



Course content

Course Objectives


Module 1 - Beyond Search Fundamentals



  • Use the proper case in searches

  • Describe Splunk’s search process

  • Use the search inspector to view search performance


Module 2 - Using Subsearches



  • Use subsearch to provide filtering and other information to a main search

  • Learn when to use - and when not to use - subsearches

  • Troubleshoot subsearches


Module 3 - Using Advanced Statistics



  • Use statistical functions such as list, max, standard deviation

  • Use the appendpipe command

  • Use the streamstats and eventstats commands


Module 4 - Using Data Manipulation and Filtering



  • Use the following commands and functions:

  • bin

  • xyseries

  • foreach

  • where functions: like, isnull

  • eval functions: strftime, upper, case, replace


Module 5 - Additional Charting Techniques



  • Use the following commands and functions:

  • addtotals

  • untable

  • append and appendcols


Module 6 - Using Advanced Transactions



  • Find events logged before or after a particular event occurs

  • Compare complete vs. incomplete transactions

  • Analyze transactions


Module 7 - Working with Time



  • Use time modifiers

  • Search for events using custom time ranges and time windows

  • Display and use relative dates

  • Use custom time ranges in multiple subsearches


Module 8 - Using Advanced Lookups



  • Include or exclude events based on values in a lookup table

  • Build a baseline lookup table and reference its values in alerts


Module 9 - Searching tsidx Files



  • Use the tstats command to search:

  • Normal index data

  • Data models

  • Data model objects

  • tstats vs stats

Study materials

In English


Public course provider

EDU Trainings s.r.o.


Address

Táborská 619/46, 140 00 Praha 4 - Nusle
