Leveraging Lookups and Subsearches (LLS)

 

Course Overview

This course is designed for Splunk users, analysts, and administrators who want to enhance their searches with lookups and subsearches. You will learn how to use lookups to enrich your data and how to write subsearches to correlate and filter data from multiple sources.

Who should attend

  • Users/Analysts
  • Administrators
  • Engineers

Certifications

This course is part of the following Certifications:

Prerequisites

To be successful, students must have completed these Splunk Education course(s) or have equivalent working knowledge:

  • Intro to Splunk
  • Using Fields
  • Visualizations
  • Working with Time
  • Statistical Processing
  • Comparing Values
  • Result Modification
  • Scheduling Reports and Alerts
  • Introduction to Dashboards

Outline: Leveraging Lookups and Subsearches (LLS)

Module 1 – Using Lookup Commands

  • Understand lookups
  • Use the inputlookup command to search lookup files
  • Use the lookup command to invoke field value lookups
  • Use the outputlookup command to create lookups
  • Invoke geospatial lookups in search

Module 2 – Adding a Subsearch

  • Define subsearch
  • Use subsearch to filter results
  • Identify when to use subsearch
  • Understand subsearch limitations and alternatives

Module 3 – Using the return Command

  • Use the return command to pass values from a subsearch
  • Compare the return and fields commands

Prices & Delivery methods

Online Training

Duration
3 hours

Price
  • US $ 500
  • Splunk Training Units: 50 SPC
Enroll now
Request a date
Classroom Training

Duration
3 hours

Price
  • United States: US $ 500
  • Splunk Training Units: 50 SPC
Enroll now
Request a date

Click on town name or "Online Training" to book Schedule

Guaranteed date:   This green checkmark in the Upcoming Schedule below indicates that this session is Guaranteed to Run.
Instructor-led Online Training:   This is an Instructor-Led Online (ILO) course. These sessions are conducted via WebEx in a VoIP environment and require an Internet Connection and headset with microphone connected to your computer or laptop. If you have any questions about our online courses, feel free to contact us via phone or Email anytime.

United States

 Guaranteed to Run Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Guaranteed to Run Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Central Standard Time (CST) Enroll
Guaranteed to Run Online Training 09:00 Eastern Standard Time (EST) Enroll
Online Training Time zone: Eastern Standard Time (EST) Enroll

Canada

 Guaranteed to Run Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Guaranteed to Run Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Central Standard Time (CST) Enroll
Guaranteed to Run Online Training 09:00 Eastern Standard Time (EST) Enroll
Online Training Time zone: Eastern Standard Time (EST) Enroll