In this 2-day course, you will learn the fundamentals of using Splunk. You will get familiar with the interface and learn how to bring in data and how to search and report on it. In addition, you will be able to create alerts and dashboards to help spot problems and track trends. Data models and Pivots are also explored.
Splunk is an industry leader in operational intelligence. With Splunk, machine data is accessible, usable and valuable to IT and business users.
Prerequisites
General understanding of the Windows interface.
Splunk - Getting Started
- Installing Splunk
- Creating a Splunk App
- Populating data with Eventgen
- Controlling Splunk
- Configuring Eventgen
- Viewing the Destinations app
- Creating your first dashboard
Bringing in Data
- Splunk and big data
- Splunk data sources
- Creating Indexes
- Buckets
- Log Files as data input
- Splunk events and fields
- Extracting new fields
Search Processing Language
- Anatomy of a search
- Time modifiers
- Filtering search results
- Additional Search commands
Reporting, Alerts, and Search Optimization
- Data classification with Event Types
- Data normalization with Tags
- Data enrichment with Lookups
- Creating and scheduling reports
- Creating alerts
- Search and Report acceleration
- Scheduling options
- Summary indexing
Dynamic Dashboarding
- Creating effective dashboards
- Types of dashboards
- Form inputs
- Creating a time range input
- Static real-time dashboard
- Creating a choropleth map
Data Models and Pivots
- Creating a data model
- Data model acceleration
- Rearranging your dashboard