Your SlideShare is downloading. ×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Advanced searching and reporting 50 course

44
views

Published on

Advanced searchingandreporting 50 course

Advanced searchingandreporting 50 course

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
44
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Splunk Education Services Advanced Searching and Reporting with Splunk 5.0 This nine-hour course supplements the Searching and Reporting with Splunk class. It focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts. Students are coached step by step through complex searches to produce final results. Major topics include the Splunk search process, using sub- searches, using additional statistical commands and functions, formatting and calculating results, charting commands and options, correlating events, enriching data with lookups, and more. Course Topics  Beyond Search Fundamentals  Using Sub-searches  Using Advanced Statistics, Data Manipulation, & Filtering  Using Advanced Charting  Sorting, Searching and Reformatting Time  Using Advanced Transactions  Using Advanced Lookups Course Prerequisites Using Splunk and Searching and Reporting with Splunk courses Class Format Instructor-led lecture with labs. Delivered via virtual classroom or at your site. Course Objectives Lesson 1 – Beyond Search Fundamentals  Using the proper case in searches  Describing Splunk’s search process  Using the search inspector to view search performance  Using the search inspector to troubleshoot searches Lesson 2 – Using Sub-Searches  Using sub-searches to correlate data  Finding events that match values from a sub-search  Finding events that do not match values from a sub-search Lesson 3 – Using Advanced Statistics  Using the appendpipe command  Using statistical functions such as min, max, mean, median, and standard deviation  Using the streamstats command  Using the eventstats command Lesson 4 – Using Data Manipulation, and Filtering  Using functions of the where command  Using functions of the eval command Lesson 5– Using Advanced Charting  Using the addtotals command  Using the rangemap command  Using the append command Lesson 6 – Sorting, Searching, and Reformatting Time  Using time modifiers  Searching for events using custom time ranges  Searching for events within a window of time  Displaying and use using relative dates  Using custom time ranges in multiple sub-searches Lesson 7 – Using Advanced Transactions  Finding events logged before a particular event occurs  Finding events logged after a particular event occurs  Comparing complete transactions  Analyzing transactions Lesson 8 – Using Advanced Lookups  Using lookup tables to include or exclude events  Using time-based lookups  Configuring time-based lookups  Using lookups in alerts Splunk Education Tracks User: For all day-to-day Splunk users including customer support staff, developers, systems administrators and management. Administrator: For administrators of Splunk itself. (Administrators of other systems who will just be using Splunk should take the User track.) Architect: For architects who will be designing Splunk deployments, including architects on staff at customer deployments, as well as partner professional services personnel. Developer: For developers who will integrate, customize and extend Splunk using its XML templates and advanced configuration bundling. Support Engineer: For Splunk OEM and channel partner support staff who will be providing first line support for Splunk. Tracks User Administrator Architect Developer Support Engineer Using Splunk ✓ ✓ ✓ ✓ ✓ Searching and Reporting with Splunk ✓ ✓ ✓ ✓ Advanced Searching and Reporting with Splunk ✓ ✓ ✓ ✓ Administrating Splunk ✓ ✓ ✓ Advanced Splunk Administration ✓ ✓ ✓ Architecting and Deploying Splunk ✓ ✓ Developing Apps with Splunk ✓ ✓ ✓ Splunk Architect Certification Lab ✓ Supporting Splunk ✓
  • 2. Splunk Education Services About Splunk Splunk is software that indexes, manages and enables you to search data from any application, server or network device in real time. Visit our website at www.splunk.com to download your own free copy. Splunk Inc. 250 Brannan San Francisco, CA 94107 866.GET.SPLUNK (866.438.7758) sales@splunk.com support@splunk.com