Splunk 6 Power Users

4 Day Course

Course Description
This power-user course teaches you to search, navigate, tag, build alerts, create simple reports
and dashboards, and use Splunk's Pivot interface.
Are you in charge of creating Splunk knowledge objects for your organisation? Then you will
benefit from this course that walks you through the various knowledge objects and how to
create them.

Course Topics

Introduction to Splunk's interface


Searching and saving results
Using fields and tags
Creating alerts
Creating reports and visualisations
Using Pivot

Course Structure/Content Outline


Module 1: Introducing Buttercup Games

Understand the lab environment


Understand the overarching scenario for the course

Module 2: Introduction to Splunk's User Interface

Understand the uses of Splunk


Define Splunk Apps
Learn basic navigation in Splunk

Module 3: Searching and Saving Results

3/6/15

Run basic searches


Set the time range of a search
Identify the contents of search results
Use the timeline

Work with events


Control a search job
Save search results

Module 4: Using Fields and Tags

Understand fields
Use fields in searches
Use the fields sidebar
Describe tags
Create tags and use tags in a search

Module 5: Creating Alerts

Describe alerts
Create an alert
View fired alerts

Module 6: Creating Reports and Visualizations

Save a search as a report


Edit reports
Create reports that include visualisations
Add reports to a dashboard

Module 7: Using Pivot

Describe Pivot
Understand the relationship between data models and pivot
Select a data model object
Create a pivot report

Module 8: Introducing Buttercup Games

Review Buttercup Games Company


Become familiar with the sourcetypes used during the course

Module 9: Search Fundamentals

Review basic search commands and general search practices


Examine the anatomy of a search
Use the following commands to perform searches:
o fields
o table
o rename
o rex & erex
o multikv

Module 10: Getting Statistics

Use the following commands and their functions:


o top
o rare
o stats
o addtotals

Module 11: Creating Visualizations

Explore the available visualisations


Create a basic chart
Split values into multiple series
Create a timechart
Chart multiple values on the same timeline
Apply statistical functions

Module 12: Analyzing, Calculating, and Formatting Results

Using the eval command:
o Perform calculations
o Convert values
o Round values
o Format values
o Use conditional statements
Further filter calculated results
Use the rangemap command
Use the xyseries command

Module 13: Correlating Events

Identify transactions
Group events using fields
Group events using fields and time
Search with transactions
Report on transactions
Determine when to use transactions vs. stats

Module 14: Enriching Data with Lookups

Describe lookups
Examine a lookup file example
Create a lookup table
Define a lookup
Configure an automatic lookup
Use the lookup in searches and reports

Module 15: Accelerating Reports

Describe report acceleration


Accelerate reports
Create summaries
Search against summaries
Describe summary management

Module 16: What is the Common Information Model


Understand the relationship between knowledge objects and the CIM


Describe the Common Information Model
Review the components of CIM
Review of Splunk Apps

Module 17: Working with Fields

Create and use field aliases


Manage tags
Create calculated fields
Perform field extractions with Interactive Field Extractor
Create and manage field transformations
Rename source types

Module 18: Working with Workflow Actions

Describe the function of a workflow action


Create a GET workflow action
Create a POST workflow action
Create a Search workflow action
Use special parameters

Module 19: Working with Event Types

Describe event types and their use


Create an event type
Tag event types

Module 20: Working with Macros

Describe macros
Manage macros
Create and use a basic macro
Define arguments and variables for a macro
Add and use arguments with a macro

Module 21: Creating Data Models

Describe the relationship between data models and pivot


Identify data models
Identify object attributes
Create a data model
Accelerate a data model
Use a data model in pivot
Understand how data models work behind the scenes
