Splunk Power User Fast Start (POWER-U) – Contenuti
Contenuti dettagliati del Corso
Topic 1 – Working with Time
- Formatting Time
- Comparing Index Time versus Search Time
- Using Time Commands
- Working with Time Zones
Topic 2 – Statistical Processing
- What is a Data Series?
- Transforming Data
- Manipulating Data with eval
- Formatting Data
Topic 3 – Comparing Values
- Using eval to Compare
- Filtering with where
Topic 4 – Result Modification
- Manipulating Output
- Modifying Results Sets
- Managing Missing Data
- Modifying Field Values
- Normalizing with eval
Topic 5 – Correlation Analysis
- Calculate Co-Occurrence Between Fields
- Analyze Multiple Datasets
Topic 6 – Intro to Knowledge Objects
- What are Knowledge Objects?
- Knowledge Object Settings
- Managing Knowledge Objects
Topic 7 – Creating Knowledge Objects
- Knowledge Objects and Search-time Operations
- Creating Event Types
- Using Event Type Builder
- Creating Workflow Actions
- Creating Tags and Aliases
- Creating Search Macros
Topic 8 – Creating Field Extractions
- Using the Field Extractor
- Creating Regex Field Extractions
- Creating Delimited Field Extractions
Topic 9 – Data Models
- Introducing Data Model Datasets
- Designing Data Models
- Creating a Pivot
- Accelerating Data Models