Splunk Advanced custom course 

Materials: digital manual 
Attendance: 6 to 14 people 
Delivery: live virtual, English 
Availability: early 2019

Course outline

Day 1
Transforming commands and visualization
Explore data structure requirements
Explore visualization types
Create and format charts and timecharts
Filtering and formatting
The eval command
Using the search and where commands to filter results
The filnull command
Correlating events
Identify transactions
Group events using fields
Group events using fields and time
Search with transactions
Report on transactions
Knowledge objects
Identify naming conventions
Fields (Field aliases, field extractions, calculated fields)
Tags and event types
Describe macros
Create and use a basic macro
Define arguments and variables for a macro



Day 2
Workflow actions
Describe the function of GET, POST, and Search Workflow actions
Create a GET workflow action
Create a POST workflow action
Create a Search workflow action
Data models
Describe the relationship between data models and pivot
Identify data model attributes
Create a data model
Splunk Troubleshooting Methods and Tools
Splunk troubleshooting approach
Splunk diagnostic resources and tools
Installation, Licensing, and Crash Problems
Installation issues
License issues
Crash issues
Search Problems
Search issues
Job inspector
User Management Problems
Splunk users and role capabilities
Directory integration issues

Follow on
There are no follow-ons for this course.

Certification programs
There are no certifications associated with this course.