Splunk 8.1 Fundamentals Part 2

Splunk 8.1 Fundamentals Part 2

Splunk 8.1 Fundamentals Part 2

Upcoming Classes

Japan

Location Apr 2021 May 2021 Jun 2021 Jul 2021 Aug 2021 Sep 2021 Oct 2021
Japan Third Party Co.,Ltd. Apr 14 – Apr 16
 Jun 16 – Jun 18
 Aug 18 – Aug 20

Online

Instructor-led online training

Location Apr 2021 May 2021 Jun 2021 Jul 2021 Aug 2021 Sep 2021 Oct 2021
AMER Pacific Time - Virtual Apr 19 – Apr 22
Apr 26 – Apr 29
 May 3 – May 6
May 17 – May 20
 Jun 1 – Jun 4
Jun 7 – Jun 10
Jun 14 – Jun 17
Jun 21 – Jun 24
Jun 28 – Jul 1
 Jul 12 – Jul 15
Jul 19 – Jul 22
Jul 26 – Jul 29
 Aug 2 – Aug 5
Aug 9 – Aug 12
Aug 23 – Aug 26
 Sep 7 – Sep 10
Sep 13 – Sep 16
Sep 20 – Sep 23
Sep 27 – Sep 30
 Oct 4 – Oct 7
AMER Eastern Time - Virtual Apr 19 – Apr 22
Apr 19 – Apr 22
Apr 26 – Apr 29
 May 3 – May 6
May 10 – May 13
May 17 – May 20
May 24 – May 27
 Jun 1 – Jun 4
Jun 7 – Jun 8
Jun 7 – Jun 10
Jun 14 – Jun 17
Jun 21 – Jun 24
Jun 28 – Jul 1
 Jul 12 – Jul 15
Jul 19 – Jul 22
Jul 26 – Jul 29
Jul 26 – Jul 29
 Aug 2 – Aug 5
Aug 16 – Aug 19
Aug 16 – Aug 19
Aug 30 – Sep 2
Aug 30 – Sep 2
 Sep 7 – Sep 10
Sep 13 – Sep 16
Sep 27 – Sep 30
 Oct 4 – Oct 7
Oct 11 – Oct 14
Oct 11 – Oct 14
APAC Singapore - Virtual Apr 19 – Apr 22
 May 4 – May 7
May 18 – May 21
 Jun 1 – Jun 4
Jun 15 – Jun 18
Jun 29 – Jul 2
 Jul 20 – Jul 23
 Aug 3 – Aug 6
Aug 17 – Aug 20
Aug 31 – Sep 3
 Sep 14 – Sep 17
Sep 28 – Oct 1
 Oct 12 – Oct 15
EMEA - Central European Time - Virtual (French) Apr 19 – Apr 22
 Jun 14 – Jun 17
 Sep 7 – Sep 10
EMEA Central European Summer Time - Virtual Apr 19 – Apr 20
 May 17 – May 18
 Jun 21 – Jun 22
 Jul 19 – Jul 20
EMEA UK Time - Virtual Apr 20 – Apr 23
Apr 26 – Apr 29
 May 4 – May 7
May 11 – May 14
May 25 – May 28
 Jun 1 – Jun 4
Jun 7 – Jun 10
Jun 14 – Jun 17
Jun 21 – Jun 24
Jun 28 – Jul 1
 Jul 6 – Jul 9
Jul 13 – Jul 16
Jul 20 – Jul 23
Jul 26 – Jul 29
 Aug 2 – Aug 5
Aug 9 – Aug 12
Aug 16 – Aug 19
Aug 23 – Aug 26
Aug 31 – Sep 3
 Sep 7 – Sep 10
Sep 13 – Sep 16
Sep 20 – Sep 23
Sep 27 – Sep 30
 Oct 4 – Oct 7
Oct 11 – Oct 14
AMER Brazil Time - Virtual Jun 7 – Jun 10
 Sep 13 – Sep 16

Australia

Location Apr 2021 May 2021 Jun 2021 Jul 2021 Aug 2021 Sep 2021 Oct 2021
Ingeniq - Online May 11 – May 14
 Jun 1 – Jun 4
 Jul 6 – Jul 9
 Aug 3 – Aug 6

Summary

This course picks up where Splunk Fundamentals Part 1 leaves off, focusing on more advanced searching and reporting commands as well as on the creation of knowledge objects. Scenario-based examples and hands-on challenges coach you step-by-step through the creation of complex searches, reports, and charts. Major topics include using transforming commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalizing data with the Common Interface Model (CIM).

Description

  • Transforming commands and visualization
  • Filtering and formatting Results
  • Correlating events
  • Knowledge objects
  • Fields (Field aliases, field extractions, calculated fields)
  • Tags and event types
  • Macros
  • Workflow actions
  • Data models
  • Splunk Common Information Model (CIM)

Duration

4 Days

Objectives

Module 1 - Introduction

  • Overview of Buttercup Games Inc.
  • Lab environment

Module 2 - Beyond Search Fundamentals

  • Search fundamentals review
  • Case sensitivity
  • Using the job inspector to view search performance

Module 3 - Using Transforming Commands for Visualizations

  • Explore data structure requirements
  • Explore visualization types
  • Create and format charts and timecharts

Module 4 - Using Mapping and Single Value Commands

  • The iplocation command
  • The geostats command
  • The geom command
  • The addtotals command

Module 5 - Filtering and Formatting Results

  • The eval command
  • Using the search and where commands to filter results
  • The filnull command

Module 6 - Correlating Events

  • Identify transactions
  • Group events using fields
  • Group events using fields and time
  • Search with transactions
  • Report on transactions
  • Determine when to use transactions vs. stats

Module 7 - Introduction to Knowledge Objects

  • Identify naming conventions
  • Review permissions
  • Manage knowledge objects

Module 8 - Creating and Managing Fields

  • Perform regex field extractions using the Field Extractor (FX)
  • Perform delimiter field extractions using the FX

Module 9 - Creating Field Aliases and Calculated Fields

  • Describe, create, and use field aliases
  • Describe, create and use calculated fields

Module 10 - Creating Tags and Event Types

  • Create and use tags
  • Describe event types and their uses
  • Create an event type

Module 11 - Creating and Using Macros

  • Describe macros
  • Create and use a basic macro
  • Define arguments and variables for a macro
  • Add and use arguments with a macro

Module 12 - Creating and Using Workflow Actions

  • Describe the function of GET, POST, and Search workflow actions
  • Create a GET workflow action
  • Create a POST workflow action
  • Create a Search workflow action

Module 13 - Creating Data Models

  • Describe the relationship between data models and pivot
  • Identify data model attributes
  • Create a data model
  • Use a data model in pivot

Module 14 - Using the Common Information Model (CIM) Add-On

  • Describe the Splunk CIM
  • List the knowledge objects included with the Splunk CIM Add-On
  • Use the CIM Add-On to normalize data

Prerequisites

Splunk Fundamentals 1

 

Onsite Training

For groups of three or more

Request Quote

Public Training

Tokyo

AMER Pacific Time - Virtual

AMER Eastern Time - Virtual

APAC Singapore - Virtual

EMEA - Central European Time - Virtual (French)

EMEA Central European Summer Time - Virtual

EMEA UK Time - Virtual

Chatswood, NSW

AMER Brazil Time - Virtual


Don't see a date that works for you?

Request Class

Splunk 8.1 Fundamentals Part 2 Ratings

Averaged from 12 responses.

Training Organized
Training Objectives
Training Expectations
Training Curriculum
Training Labs
Training Overall

What do these ratings mean?

© 2005- Splunk Inc. All rights reserved.
Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © Splunk Inc. All rights reserved.