Search and reporting for beginners and advanced
Search and reporting for beginners
Participant:
all potential Splunk users who want to run simple searches and create reports
Duration:
8 hours
Implementation Form:
- Classroom training
- Alternatively virtual training with trainer
Technical requirement:
Splunk test server (e.g. AWS) with artificial, automatically generated data, to which participants are granted access for a certain time after logging in
Prior Knowledge:
Splunk introduction
Procedure:
- What are events in Splunk?
- Filtering data in Splunk
- Working with fields
- Simple statistics
- top, rare, stats, chart, timechart
- transaction, lookup, table, rename, fields, dedup, sort
- Creating field aliases
- Creating your own lookups
- Saving reports and dashboards
Search and reporting for advanced users
Participant:
all active Splunk users who want to perform complex searches
Duration:
12 hours
Implementation Form:
- Classroom training
- Alternatively virtual training with trainer
Technical requirement:
Splunk test server (e.g. AWS) with artificial, automatically generated data, to which participants are granted access for a certain time after logging in
Prior Knowledge:
Search and reporting for beginners, knowledge of regular expressions
Procedure:
- Advanced search commands
- Subsearches
- Joins with other data sources
- Optimizing search speed
- stats, streamstats, eventstats, append commands, foreach
- input, output, loadjob, rangemap, savedsearch, search, where, eval
- Working with geo-information
- Working with multi-value fields
- Summary searches, anomaly detection
- Creating custom fields with regular expressions