Splunk Fundamentals 3

The offer for this course date is no longer current. Similar courses can be found here
  • Venue

  • Region:
    ONLINE
  • Address:
  • Date

  • Duration:
    1 day

Course description: Splunk Fundamentals 3

Course description

The Splunk Fundamentals Part 3 course picks up where Splunk Fundamentals Part 2 leaves off, focusing on some more advanced searching and reporting commands as well as on advanced use cases of knowledge objects. Major topics include advanced statistics and eval commands, advanced lookups, advanced alert actions, using regex and erex to extract fields, using spath to work with self-describing data, creating nested macros and macros with event types, and accelerating reports and data models.

Course content

Module 1 – Exploring Statistical Commands
Performing statistical analysis with functions of the stats command
Using fieldsummary
Using appendpipe
Using eventstats
Using streamstats


Module 2 – Exploring eval Command Functions
Using conversion functions
Using date and time functions
Using string functions
Using comparison and conditional functions
Using informational functions
Using statistical functions
Using mathematical functions


Module 3 – Exploring Lookups
Including and excluding events based on lookup values
Using KV Store, external, and geospatial lookups
Understanding best practices for lookups


Module 4 – Exploring Alerts
Using lookups in alerts
Outputting alert results to a lookup
Logging and indexing searchable alert events


Module 5 – Extracting Fields at Search Time
Using the erex command
Using the rex command
Identifying regex best practices


Module 6 – Working with Self-Describing Data
Using the spath command
Using the eval command with the spath function
Extracting fields from table-formatted events with multikv


Module 7 – Exploring Search Macros
Using nested search macros
Previewing search macros before executing
Using tags and event types in search macros


Module 8 – Using Acceleration Options
Describing acceleration and acceleration methods
Determining how summaries make searches efficient


Module 9 – Report Acceleration
Creating an accelerated report
Searching against an acceleration summary


Module 10 – Summary Indexing
Identifying when to use a summary index
Defining and searching against a summary index


Module 11 – datamodel Command & Data Model Acceleration
Exploring data models using the datamodel command
Discerning between ad hoc and persistent data model acceleration


Module 12 – tsidx files and tstats Command
Work with tsidx files using the tstats command
Use tstats command with data models

Prerequisites

Splunk Fundamentals 2

Study materials

In English


Public course provider

EDU Trainings s.r.o.


Address

Táborská 619/46, 140 00 Praha 4 - Nusle
