Splunk Courses for User: Advanced Searching & Reporting
This Splunk Courses for User: Advanced Searching & Reporting training course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts. Students are coached step by step through difficult searches to produce the final results.
Most of the topics involve the optimizing searches, additional charting commands, and the functions, formatting and calculating results, the correlating events, and using the combined searches and sub searches.
A Splunk Core Certified Power User has a basic knowledge of Search Processing Language searching and reporting the commands and can make knowledge objects, use the field aliases and calculated fields, create tags and the event types, use macros, make workflow actions and information models, and the normalized information with the Common Information Model in either the Splunk Enterprise or Splunk Cloud platforms. This certification demonstrates the individual’s foundational competence of Splunk’s core software.
Module 1 – Using Search Efficiently
- Lesson 1: Review search architecture
- Lesson 2: Understand how the components of a bucket (.tsidx an djournal.gz files) are used
- Lesson 3: How bloom filters are used to improve search speed
- Lesson 4: Describe the parts of a search string
- Lesson 5: Understand the use of centralized vs. distributable commands
- Lesson 6: Create better searches
Module 2 – More Search Tuning
Module 3 – Manipulating and Filtering Data
Module 4 – Working with Multivalue Fields
Module 5 – Using Advanced Transactions
Module 6 – Working with Time
Module 7 – Combining Searches
Module 8 – Using Subsearches
Module 9 – Some Extra Tips
0.00 average based on 0 ratings