Splunk Search Expert Fast Start (SE-FS)

 

Course Overview

This "Fast Start" course covers over 60 commands and functions and prepares students to be search experts. Students will learn how to effectively utilize time in searches, work with different time zones, use transforming commands and eval functions to calculate statistics, compare field values with eval functions and eval expressions, manipulate output, normalize fields and field values, use lookups and subsearches to enrich results, and correlate and filter data from multiple sources.

This class will take place over three 6-hour days (plus a 1-hour break each day)

Prerequisites

To be successful, students should have a solid understanding of the following:

  • How Splunk Works
  • Creating Search queries
  • Knowledge objects (specifically reports, lookups, and fields)

OR have taken the following:

  • Foundation Fast Start OR
  • What is Splunk? (Retired), Intro to Splunk (ITS) and [Using Fields (SUF)

Outline: Splunk Search Expert Fast Start (SE-FS)

Topic 1 – Working with Time
  • Searching with Time
  • Formatting Time
  • Comparing index Time versus Search Time
  • Using Time Commands
  • Working with Time Zones
Topic 2 – Statistical Processing
  • What is a Data Series?
  • Transforming Data
  • Manipulating Data with eval
  • Formatting Data
Topic 3 – Comparing Values
  • Using eval to Compare
  • Filtering with where
Topic 4 – Result Modification
  • Manipulating Output
  • Modifying REsults Sets
  • Managing Missing Data
  • Modifying Field Values
  • Normalizing with eval
Topic 5 – Leveraging Lookups and Subsearches
  • Using Lookup Commands
  • Adding a Subsearch
  • Using the return Command
Topic 6 - Correlation Analysis
  • Caclulate Co-Occurance Between Fields
  • Analyze Multiple Datasets

Prices & Delivery methods

Online Training

Duration
3 days

Price
  • US $ 3,000
  • Splunk Training Units: 300 SPC
Classroom Training

Duration
3 days

Price
  • United States: US $ 3,000
  • Splunk Training Units: 300 SPC

Click on town name or "Online Training" to book Schedule

This is an Instructor-Led Classroom course
Instructor-led Online Training:   This is an Instructor-Led Online (ILO) course. These sessions are conducted via WebEx in a VoIP environment and require an Internet Connection and headset with microphone connected to your computer or laptop.
This is a FLEX course, which is delivered simultaneously in two modalities. Choose to attend the Instructor-Led Online (ILO) virtual session or Instructor-Led Classroom (ILT) session.

United States

Online Training 09:00 Eastern Standard Time (EST) Enroll
Online Training 09:00 Eastern Standard Time (EST) Enroll
Online Training 09:00 Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Central Standard Time (CST) Enroll
Online Training 09:00 Eastern Standard Time (EST) Enroll

Canada

Online Training 09:00 Eastern Standard Time (EST) Enroll
Online Training 09:00 Eastern Standard Time (EST) Enroll
Online Training 09:00 Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Central Standard Time (CST) Enroll
Online Training 09:00 Eastern Standard Time (EST) Enroll