Who should attend
Advanced Splunk users.
Prerequisites
Required:
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Fundamentals 3
Highly recommended: at least 6 months experience with the Splunk search language
Course Objectives
This 3 virtual-day course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts. Students are coached step by step through complex searches to produce final results. Major topics include optimizing searches, additional charting commands and functions, formatting and calculating results, correlating events, and using combined searches and subsearches.
Course Content
- Using Search Efficiently
- More Search Tuning
- Manipulating and Filtering Data
- Working with Multivalue Fields
- Using Advanced Transactions
- Working with Time
- Combining Searches
- Using Subsearches