Splunk Fundamentals 2

This course date is no longer on offer. Similar courses can be found here
  • Venue

  • Region:
    ONLINE
  • Address:
  • Date

  • Duration:
    4 days

Course description: Splunk Fundamentals 2

This course focuses on searching and reporting commands as well as on the creation of knowledge objects. Major topics include using transforming commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalizing data with the Common Information Model (CIM).



Course contents

Course Objectives


Module 1 - Introduction



  • Overview of Buttercup Games Inc.

  • Lab environment


Module 2 - Beyond Search Fundamentals



  • Search fundamentals review

  • Case sensitivity

  • Using the job inspector to view search performance


Module 3 - Using Transforming Commands for Visualizations



  • Explore data structure requirements

  • Explore visualization types

  • Create and format charts and timecharts


Module 4 - Using Mapping and Single Value Commands



  • The iplocation command

  • The geostats command

  • The geom command

  • The addtotals command


Module 5 - Filtering and Formatting Results



  • The eval command

  • Using the search and where commands to filter results

  • The fillnull command


Module 6 - Correlating Events



  • Identify transactions

  • Group events using fields

  • Group events using fields and time

  • Search with transactions

  • Report on transactions

  • Determine when to use transactions vs. stats


Module 7 - Introduction to Knowledge Objects



  • Identify naming conventions

  • Review permissions

  • Manage knowledge objects


Module 8 - Creating and Managing Fields



  • Perform regex field extractions using the Field Extractor (FX)

  • Perform delimiter field extractions using the FX


Module 9 - Creating Field Aliases and Calculated Fields



  • Describe, create, and use field aliases

  • Describe, create, and use calculated fields


Module 10 - Creating Tags and Event Types



  • Create and use tags

  • Describe event types and their uses

  • Create an event type


Module 11 - Creating and Using Macros



  • Describe macros

  • Create and use a basic macro

  • Define arguments and variables for a macro

  • Add and use arguments with a macro


Module 12 - Creating and Using Workflow Actions



  • Describe the function of GET, POST, and Search workflow actions

  • Create a GET workflow action

  • Create a POST workflow action

  • Create a Search workflow action


Module 13 - Creating Data Models



  • Describe the relationship between data models and pivot

  • Identify data model attributes

  • Create a data model

  • Use a data model in pivot


Module 14 - Using the Common Information Model (CIM) Add-On



  • Describe the Splunk CIM

  • List the knowledge objects included with the Splunk CIM Add-On

  • Use the CIM Add-On to normalize data

Study materials

In English

Public course provider

EDU Trainings s.r.o.


Address

Táborská 619/46, 140 00 Praha 4 - Nusle
