Splunk Search Expert Fast Start (SE-FS) – Contenuti
Contenuti dettagliati del Corso
Topic 1 – Working with Time
- Searching with Time
- Formatting Time
- Comparing index Time versus Search Time
- Using Time Commands
- Working with Time Zones
Topic 2 – Statistical Processing
- What is a Data Series?
- Transforming Data
- Manipulating Data with eval
- Formatting Data
Topic 3 – Comparing Values
- Using eval to Compare
- Filtering with where
Topic 4 – Result Modification
- Manipulating Output
- Modifying REsults Sets
- Managing Missing Data
- Modifying Field Values
- Normalizing with eval
Topic 5 – Leveraging Lookups and Subsearches
- Using Lookup Commands
- Adding a Subsearch
- Using the return Command
Topic 6 - Correlation Analysis
- Caclulate Co-Occurance Between Fields
- Analyze Multiple Datasets