Splunk Search Expert Fast Start (SE-FS)
This Power User "Fast Start" course covers over 60 commands, functions, and knowledge objects to provide users with actionable information about searching best practices and knowledge management. Students will learn how to effectively utilize time in searches, work with different time zones, use transforming commands and eval functions to calculate statistics, compare field values with eval functions and eval expressions, manipulate output, normalize fields and field values, correlate and filter data from multiple sources, and create, manage, and share knowledge objects.
This series consists of eight modules with 24 hours of content over 4 days:
- Working with Time (WWT)
- Statistical Processing (SSP)
- Comparing Values (SCV)
- Result Modification (SRM)
- Correlation Analysis (SCLAS)
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Data Models (SDM)
Check out our full list of training locations and learning formats. Please note that the location you choose may be an Established HD-ILT location with a virtual live instructor.
Train face-to-face with the live instructor.
Access to on-demand training content anytime, anywhere.
Attend the live class from the comfort of your home or office.
Interact with a live, remote instructor from a specialized, HD-equipped classroom near you. An SLI sales rep will confirm location availability prior to registration confirmation.
All Sunset Learning dates are guaranteed to run!
Register
Prerequisites:
To be successful, students should have a solid understanding of the following:
- How Splunk Works
- Creating Search queries
- Knowledge objects (specifically reports, lookups, and fields)
OR have taken the following:
- Foundation Fast Start OR
- What is Splunk? (Retired), Intro to Splunk (ITS) and [Using Fields (SUF)
Target Audience:
Course Objectives:
Course Outline:
Topic 1 – Working with Time
- Searching with Time
- Formatting Time
- Comparing index Time versus Search Time
- Using Time Commands
- Working with Time Zones
Topic 2 – Statistical Processing
- What is a Data Series?
- Transforming Data
- Manipulating Data with eval
- Formatting Data
Topic 3 – Comparing Values
- Using eval to Compare
- Filtering with where
Topic 4 – Result Modification
- Manipulating Output
- Modifying Results Sets
- Managing Missing Data
- Modifying Field Values
- Normalizing with eval
Topic 5 – Leveraging Lookups and Subsearches
- Using Lookup Commands
- Adding a Subsearch
- Using the return Command
Topic 6 – Correlation Analysis
- Caclulate Co-Occurance Between Fields
- Analyze Multiple Datasets