Creating Knowledge Objects

Upcoming Classes

Online

Instructor-led online training

Location	Dec 2022	Jan 2023	Feb 2023	Mar 2023	Apr 2023
APAC Singapore - Virtual	Dec 5	Jan 17	Feb 17	Mar 13	Apr 13
AMER Eastern Time - Virtual	Dec 7 Dec 21	Jan 12	Feb 13	Mar 14	Apr 10
AMER Brazil Time - Virtual (Portuguese)	Dec 14
EMEA UK Time - Virtual	Dec 15	Jan 19		Mar 13	Apr 27
AMER Pacific Time - Virtual		Jan 19		Mar 28

Summary

This three-hour course is for knowledge managers who want to learn how to create knowledge objects for their search environment using the Splunk web interface. Topics will cover types of knowledge objects, the search-time operation sequence, and the processes for creating event types, workflow actions, tags, aliases, search macros, and calculated fields.

Description

Knowledge Objects and Search-time Operations
Creating Event Types
Using Event Type Builder
Creating Workflow Actions
Creating Tags and Aliases
Creating Serach Macros

Duration

3 hours

Objectives

Topic 1 – Knowledge Objects & Search-time Operations

Understand role of knowledge objects for enriching data
Define search-time operation sequence

Topic 2 – Creating Event Types

Define event types
Create event types using three methods
Tag event types
Compare event types and reports

Topic 3 – Creating Workflow Actions

Identify what are workflow actions
Create a GET, POST, and search workflow action
Test workflow actions

Topic 4 – Creating Tags and Aliases

Describe field aliases and tags
Create field aliases and tags
Search with field aliases and tags

Topic 5 – Creating Search Macros

Explain search macros
Create macros with and without arguments
Validate macro arguments
Use and preview macros at search time
Create and use nested macros
Use macros with other knowledge objects

Topic 6 – Creating Calculated Fields

Explain calculated fields
Create a calculated field
Use a calculated field in search

Audience

Knowledge Managers

Prerequisites

To be successful, students should have a solid understanding of the following:

How Splunk works
Knowledge Objects

Additional Notes

Individuals who enroll in this class will also be enrolled in an (eLearning with Labs) component. Completion of labs and quizzes is required in order to receive proof of completion.

Public Training

APAC Singapore - Virtual

Dec 5

9:00 AM - 12:00 PM SGT

$ 500.00 USD
Jan 17

9:00 AM - 12:00 PM SGT

$ 500.00 USD
Feb 17

9:00 AM - 12:00 PM SGT

$ 500.00 USD
Mar 13

9:00 AM - 12:00 PM SGT

$ 500.00 USD
Apr 13

9:00 AM - 12:00 PM SGT

$ 500.00 USD

AMER Eastern Time - Virtual

Dec 7

1:00 PM - 4:00 PM EST

$ 500.00 USD
Dec 21

9:00 AM - 12:00 PM EST

$ 500.00 USD
Jan 12

9:00 AM - 12:00 PM EST

$ 500.00 USD
Feb 13

9:00 AM - 12:00 PM EST

$ 500.00 USD
Mar 14

9:00 AM - 12:00 PM EDT

$ 500.00 USD
Apr 10

9:00 AM - 12:00 PM EDT

$ 500.00 USD

AMER Brazil Time - Virtual (Portuguese)

Dec 14

2:00 PM - 5:00 PM BRT

$ 500.00 USD

EMEA UK Time - Virtual

Dec 15

9:00 AM - 12:00 PM GMT

$ 500.00 USD
Jan 19

9:00 AM - 12:00 PM GMT

$ 500.00 USD
Mar 13

9:00 AM - 12:00 PM GMT

$ 500.00 USD
Apr 27

9:00 AM - 12:00 PM BST

$ 500.00 USD

AMER Pacific Time - Virtual

Jan 19

9:00 AM - 12:00 PM PST

$ 500.00 USD
Mar 28

9:00 AM - 12:00 PM PDT

$ 500.00 USD

Don't see a date that works for you?

Request Class

Creating Knowledge Objects

Creating Knowledge Objects