Intro to Splunk for Power Users (TTDSPL01) Course Details:

Are you in charge of creating Splunk knowledge objects for your organization?  Then you will benefit from this foundation-level course that walks you through the various knowledge objects and how to create them. Splunk for Power Users is an introductory-level hands-on course that teaches students how to search, navigate, tag, build alerts, create simple reports and dashboards in Splunk, and how to Splunk's Pivot interface. 

This course is an independent content (not Splunk certified) course. Please note that this course is geared for users who are new to Splunk. Users familiar with Splunk already may benefit from more advanced training in a different course.

    No classes are currenty scheduled for this course.

    Call (919) 283-1653 to get a class scheduled online or in your area!

Session 1: Introducing Buttercup Games

  • Understand the lab environment
  • Understand the overarching scenario for the course

Session 2: Introduction to Splunk’s User Interface

  • Understand the uses of Splunk
  • Define Splunk Apps
  • Learn basic navigation in Splunk

Session 3: Searching and Saving Results

  • Run basic searches
  • Set the time range of a search
  • Identify the contents of search results
  • Use the timeline
  • Work with events
  • Control a search job
  • Save search results

Session 4: Using Fields and Tags

  • Understand fields
  • Use fields in searches
  • Use the fields sidebar
  • Describe tags
  • Create tags and use tags in a search

Session 5: Creating Alerts

  • Describe alerts
  • Create an alert
  • View fired alerts

Session 6: Creating Reports and Visualizations

  • Save a search as a report
  • Edit reports
  • Create reports that include Visualizations
  • Add reports to a dashboard

Session 7: Using Pivot

  • Describe Pivot
  • Understand the relationship between data models and pivot
  • Select a data model object
  • Create a pivot report

Session 8: Introducing Buttercup Games

  • Review Buttercup Games Company
  • Become familiar with the source types used during the course

Session 9: Search Fundamentals

  • Review basic search commands and general search practices
  • Examine the anatomy of a search
  • Use the following commands to perform searches:
  • fields
  • table
  • rename
  • rex & erex
  • multikv
  • Session 10: Getting Statistics
  • Use the following commands and their functions:
  • top
  • rare
  • stats
  • addtotals

Session 11: Creating Visualizations

  • Explore the available visualizations
  • Create a basic chart
  • Split values into multiple series
  • Create a timechart
  • Chart multiple values on the same timeline
  • Apply statistical functions

Session 12: Analyzing, Calculating, and Formatting Results

  • Using the eval command:
  • Perform calculations
  • Convert values
  • Round values
  • Format values
  • Use conditional statements
  • Further filter calculated results
  • Use the rangemap command
  • Use the xyseries command

Session 13: Correlating Events

  • Identify transactions
  • Group events using fields
  • Group events using fields and time
  • Search with transactions
  • Report on transactions
  • Determine when to use transactions vs. stats

Session 14: Enriching Data with Lookups

  • Describe lookups
  • Examine a lookup file example
  • Create a lookup table
  • Define a lookup
  • Configure an automatic lookup
  • Use the lookup in searches and reports

Session 15: Accelerating Reports

  • Describe report acceleration
  • Accelerate reports
  • Create summaries
  • Search against summaries
  • Describe summary management

Session 16: What is the common information model

  • Understand the relationship between knowledge objects and the CIM
  • Describe the Common Information Model
  • Review the components of CIM
  • Review of Splunk Apps

Session 17: Working with Fields

  • Create and use field aliases
  • Manage tags
  • Create calculated fields
  • Perform field extractions with Interactive Field Extractor
  • Create and manage field transformations

*Please Note: Course Outline is subject to change without notice. Exact course outline will be provided at time of registration.

Working within in an engaging, hands-on learning environment, guided by our expert practitioner, students will explore:

  • Introduction to the Splunk interface
  • Searching and saving results
  • Using fields and tags
  • Creating alerts
  • Creating reports and visualizations
  • Using Pivot

Skills-Focused, Hands On Learning: This course is about 50% hands-on lab to 50% lecture ratio, combining engaging instructor presentation, demos and practical group discussions with lab intensive, machine-based student exercises.

This is a technical class for technical people, geared for Users, Administrators, Architects, Developers & Support Engineers who are new to Splunk. This course is ideal for anyone in your organization who need to examine and use IT data. 

Ideal attendees would include:

  • Beginners in Splunk who want to enhance their knowledge about this Software usage
  • System Administrators and Software Developers
  • Professionals who are eager to learn to search and analyze machine-generated data using a faster and agile software

Ready to Jumpstart Your IT Career?