Overview
This is a free eLearning module that is part of multiple learning paths. Take it in the sequence recommended in the corresponding learning paths.
Prerequisites
Recommended:
- Intro to Splunk eLearning module
- Intro to Knowledge Objects eLearning module
Course Objectives
- Creating and managing Scheduled Reports
- Creating and managing Alerts
- Using Alert Actions
Product Description
This eLearning module teaches students how to use scheduled reports and alerts to automate processes in their organization. Students will create, manage, and schedule reports and alerts, and use alert actions to further respond to incidents as they occur.
Outline
Topic 1
- Create a report
- Schedule a report
- Define a report's time range
- Define schedule priority
- Define schedule window
- Add a trigger condition
Topic 2
- View report settings
- Edit report permissions
- Enable report embedding
Topic 3
- Save a search as an alert
- Define alert permissions
- Understand scheduled and real-time alert types
- Define alert trigger conditions
Topic 4
- Define actions that respond to trigger conditions
- Write results to a log event
- Output results to a lookup
- Output results to a telemetry endpoint
- Send an email containing search results
- Set up a webhook alert action
Topic 5
- View alert settings
- Edit alert permissions