• Metrics Overview
• Metrics Terminology
• Onboard Metrics Data
• Metrics Indexing
• Protocols to Ingest Metrics Data
• Metrics SPL Commands
• Performing Log to Metrics Conversion
• Using the Analytics Workspace
• Metrics Best Practices

Module 1 – Metrics Overview

• Understand the differences between metrics and events
  
• Describe metrics and metrics terminology
• Identify the storage and performance benefits of metrics
• Review use cases for searching metrics data
• Describe metrics dimensions and time series

Module 2 – Indexing and Searching Metrics

• Describe metrics indexing
  
• Create metrics indexes
• Onboard metrics data
• Use the mcatalog, msearch, and mstats commands

Module 3 – Bringing Metrics Into Splunk: Metrics-Formatted Data

• Review metrics source types and supported protocols
  
• Use collectd to ingest metrics data
• Use StatsD to ingest metrics data
• Verify onboarding of metrics

Module 4 – Bringing Metrics Into Splunk: Converting Logs to Metrics

• Describe the log-to-metrics process
  
• Use mcollect and meventcollect to convert logs to metrics at search time
• Use Splunk Web to convert logs to metrics at ingent time
• Use config files to convert logs to metrics at ingest time

Module 5 – Managing Metrics Indexes and Metrics Rollups

• Manage metrics indexes
• Understand metrics rollups
• Configure rollup policies

Module 6 – Analytics Workspace and SAI

• Use the Analytics Workspace to analyze and visualize metrics data
• Describe the Splunk App for Infrastructure (SAI)

Module 7 – Best Practices and Performance Tuning

• Describe metrics best practices
• Tune the performance of metrics processing