Overview
This "Fast Start" course introduces students to what machine data is and how to use Splunk to investigate and respond to incidents within an organization. Students will learn Splunk architecture, user roles, the Splunk Web interface, and how to use Splunk's Search Processing Language (SPL) to create searches, reports, dashboards, and visualizations. In the second half of the course, students will take deep dives into fields and visualizations and complete lab exercises. Topics from these courses will explore using fields, adding fields from other data sources, using commands to create charts and graphs, transforming geographic data into maps, and using visual formatting options to alter the look of statistical tables.
Prerequisites
None.
Outline
Topic 1 – What is Splunk?
- What is Machine Data?
- Operational Intelligence
- What is Splunk?
Topic 2 – Intro to Splunk
- Intro to Splunk
- Using Splunk
- Using Search
- Exploring Events
- Search Processing Language
- What are Commands?
- What are Knowledge Objects?
- Creating Reports and Dashboards
Topic 3 – Using Fields
- What are Fields?
- What is Field Discovery?
- Using Fields in Searches
- Comparing Temporary versus Persistent Fields
- Enriching Data
Topic 4 – Visualizations
- Formatting Commands
- Visualizing Data
- Generating Maps
- Single Value Visualizations
- Visual Formatting