Splunk Power User Fast Start (POWER-U)

 

Course Overview

This Power User "Fast Start" course covers over 60 commands, functions, and knowledge objects to provide users with actionable information about searching best practices and knowledge management. Students will learn how to effectively utilize time in searches, work with different time zones, use transforming commands and eval functions to calculate statistics, compare field values with eval functions and eval expressions, manipulate output, normalize fields and field values, correlate and filter data from multiple sources, and create, manage, and share knowledge objects.

This series consists of eight modules with 24 hours of content over 4 days.

Certifications

This course is part of the following Certifications:

Prerequisites

To be successful, students should have a solid understanding of the following:

  • How Splunk works
  • How to create basic searching and visualizations
  • RECOMMENDED: !

Course Objectives

  • Utilize over 60 commands and functions to transform, manipulate, normalize, correlate, and filter data.
  • Filter data using time modifiers and time commands and use formatting functions to accommodate various time formats.
  • Calculate statistics using transforming commands and mathematical and statistical eval functions.
  • Compare, manipulate, and normalize data using several commands including the all-powerful eval command and an array of statistical, comparison, conditional, and formatting functions.
  • Calculate co-occurrence between fields and analyze data from multiple datasets.
  • Create, curate, manage and share knowledge objects.

Follow On Courses

Outline: Splunk Power User Fast Start (POWER-U)

Topic 1 – Working with Time
  • Formatting Time
  • Comparing Index Time versus Search Time
  • Using Time Commands
  • Working with Time Zones
Topic 2 – Statistical Processing
  • What is a Data Series?
  • Transforming Data
  • Manipulating Data with eval
  • Formatting Data
Topic 3 – Comparing Values
  • Using eval to Compare
  • Filtering with where
Topic 4 – Result Modification
  • Manipulating Output
  • Modifying Results Sets
  • Managing Missing Data
  • Modifying Field Values
  • Normalizing with eval
Topic 5 – Correlation Analysis
  • Calculate Co-Occurrence Between Fields
  • Analyze Multiple Datasets
Topic 6 – Intro to Knowledge Objects
  • What are Knowledge Objects?
  • Knowledge Object Settings
  • Managing Knowledge Objects
Topic 7 – Creating Knowledge Objects
  • Knowledge Objects and Search-time Operations
  • Creating Event Types
  • Using Event Type Builder
  • Creating Workflow Actions
  • Creating Tags and Aliases
  • Creating Search Macros
Topic 8 – Creating Field Extractions
  • Using the Field Extractor
  • Creating Regex Field Extractions
  • Creating Delimited Field Extractions
Topic 9 – Data Models
  • Introducing Data Model Datasets
  • Designing Data Models
  • Creating a Pivot
  • Accelerating Data Models

Prices & Delivery methods

Online Training

Duration
4 days

Price
  • US $ 4,000
  • Splunk Training Units: 400 SPC
Classroom Training

Duration
4 days

Price
  • United States: US $ 4,000

Click on town name or "Online Training" to book Schedule

This is an Instructor-Led Classroom course
Instructor-led Online Training:   This is an Instructor-Led Online (ILO) course. These sessions are conducted via WebEx in a VoIP environment and require an Internet Connection and headset with microphone connected to your computer or laptop.
This is a FLEX course, which is delivered simultaneously in two modalities. Choose to attend the Instructor-Led Online (ILO) virtual session or Instructor-Led Classroom (ILT) session.

United States

Online Training 09:00 Central Standard Time (CST) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Central Daylight Time (CDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Central Standard Time (CST) Enroll

Canada

Online Training 09:00 Central Standard Time (CST) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Central Daylight Time (CDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Central Standard Time (CST) Enroll