Scribd
Upload
4 views

Splunk Fundamentals

The Splunk Fundamentals course aims to teach users how to utilize transforming commands, filter search results, correlate events, and manage knowledge objects. It covers the basics of Splunk as a data platform for observability, IT, and security, along with search practices, visualizations, and creating dashboards and alerts. Participants will learn to create and manage fields, tags, event types, and macros to enhance their data analysis capabilities.

Uploaded by

desaiabha1402
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
4 views

Splunk Fundamentals

The Splunk Fundamentals course aims to teach users how to utilize transforming commands, filter search results, correlate events, and manage knowledge objects. It covers the basics of Splunk as a data platform for observability, IT, and security, along with search practices, visualizations, and creating dashboards and alerts. Participants will learn to create and manage fields, tags, event types, and macros to enhance their data analysis capabilities.

Uploaded by

desaiabha1402
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 84

Splunk Fundamentals

Course Goals
1. Use of transforming commands & visualizations
2. Filter & Format the results of a search
3. Correlate events into transactions
4. Create and manage Knowledge Objects
5. Create and manage extracted fields, filed aliases, calculated fields.
6. Create tags & event types
7. Create and use macros
8. Create and Manage Dashboard, alert and reports
What is Splunk
• The data platform that helps turn data into action for Observability, IT,
Security and more.

• The Splunk platform removes the barriers between data and action,
empowering observability, IT and security teams to ensure their
organizations are secure, resilient and innovative.
How does Splunk works?
Basic Search Review
Basic Search Review
Case Sensitivity – Sensitive
Case Sensitivity – Insensitive
General Search Practices
General Search Practices –
Wildcards
General Search Practices
Transforming Search Commands
Search Mode – Fast Mode
Search Mode – Fast Mode
Search Mode- Smart Mode (Default)
Search Mode –Verbose Mode
Search Performance - Modes
Using Transforming Commands for
Visualizations
Viewing Results as a Visualization
Single Series
Multi Series
Time Series
Charts
Charts - Line
Charts – Area
Charts – Column
Charts – Column (Stacked Format)
Charts – Bar
Charts – Pie
Chart Command
NULL & OTHER Values
Limiting the number of values
Timechart command
Timechart command – Sampling
Interval
Timewrap Command
Timewrap – Syntax & Example
Transforming Command Summary
Single Value Visualizations
Single Value Visualizations –
Timechart
Add totals Using Format
Add Totals using addtotals
Command
Addtotlas command - Syntex
Filtering Results and Manipulating
Data
Eval Command
Eval Command – Operators
Eval command – tostring Function
Eval command – duration option
Eval Command – if function
Eval Command – case function
Filtering Results – search and where
Fillnull command
Correlating Events
Transaction command
Transaction command – Specific
fields
Transaction Command – maxspan &
maxpause
Transaction command –
startswith/endswith
Transaction vs stats
Knowledge Objects
What are KOs
Reviewing Permissions
Creating &Managing Fields
Field Auto-Extraction
Creating Field Aliases & Calculated
Fields
Field Aliases
Creating a Field Alias
Calculated Field
Creating a calculated field
Using a calculated field
Working with Tags & Event Types
Tags
Creating Tags
Using Tags
Event Types
Creating Event Type
Search-Time Operation Sequence
Search-Time Operation Sequence
Creating & Using Macros
Macros Overview
Previewing a Macro
Using a macro
Dashboard
Alerts
Reports
Questions ?

You might also like