Splunk Online Workshop

Duration: 3 Days (9:30 AM to 5:30 PM)

Date: 01, 02, 03 March 2023

Overview 

Splunk is software used to monitor, search, analyze and visualize machine-generated data in real time. It captures, correlates, and indexes real-time data in a searchable container and generates alerts, dashboards, graphs, and visualizations. It makes data easy to access across the entire organization.

This Splunk training includes Splunk developer concepts such as the basics of Splunk development, fields in searches, saving and scheduling searches, tags and event types, workflows, and Splunk search commands, and Splunk administration concepts such as Splunk installation, Splunk apps, Splunk configuration files, Splunk indexes and their uses, the Splunk production and administration environment, and Splunk input methods. With the knowledge of all these concepts, you will excel in your work. So enroll now in Splunk Training and improve your professional status.

Prerequisites

  • Exposure to machine data such as web logs, DB logs, etc.
  • Basic exposure to Splunk search


Course Contents 

DAY-1: Splunk Essentials
  • Introduction
  • What is Machine Data?
  • Use case for Splunk
  • Event Fields
  • Source
  • Sourcetype
  • Host
  • Timestamp
  • Search

Getting Started with Splunk
  • Installing Splunk
  • Starting Splunk
  • Stopping and Restarting Splunk
  • Finding Splunk status
  • Exploring Splunk Web
  • Administrator: Preferences and Account Settings
  • Activity: Jobs and Alerts
  • Users and Authentication: Users, Roles, Authentication
  • Server Settings and Controls
  • Data Inputs, Indexes and Sourcetypes
  • Knowledge Objects

Splunk Architecture
  • Splunk Daemon
  • Web Server
  • REST API
  • Indexers and Forwarders
  • Modular Inputs
  • Indexes
  • Search Manager and SPL
  • Apps

SPL
  • Syntax: operators, delimiters, wildcards
  • Commands and Functions
  • Pipelines
  • Subsearches
  • Types and Categories of Search
  • Search Processing Language
  • Search Command Reference
  • Using: search, stats, eval, top, rare, fields, sort, chart, timechart, where
  • History and Realtime Searches

Reports
  • Understanding Reports
  • Creating Reports
  • Including visualizations
  • Viewing Reports
  • Scheduling Reports
  • Accelerating Reports
  • Configuring Actions

Alerts
  • Understanding Alerts
  • Creating Alerts
  • Viewing Fired Alerts

Visualization
  • Understanding Visualization
  • Chart Commands
  • Generating and viewing Tables
  • Charts: Pie, Line, Area, Bar and Column
  • Gauges, Fillers and Single Value
  • Customizing Formats
  • Trellis

DAY-2: Knowledge Objects
  • Field Aliases
  • Creating and using aliases
  • Calculated Fields
  • Understanding Calculated Fields
  • Defining Calculated Fields
  • Viewing Calculated Fields
  • Using Calculated Fields
  • Extracting Fields
  • Understanding Field Extraction
  • Extracting using delimiters
  • Extracting using regular expressions
  • Viewing extracted fields
  • Using extracted fields

Event Types
  • Understanding Event Types
  • Defining Event Types
  • Using Event Types
  • Viewing Event Types

Tags
  • Understanding Tags
  • Assigning Tags to fields
  • Assigning Tags to event-types
  • Viewing Tags
  • Using Tags

Macros
  • Understanding Macros
  • Defining Macros
  • Passing Arguments
  • Viewing Macros
  • Using Macros

Workflow Actions
  • Understanding Workflow Actions
  • Creating Workflow Actions
  • Actions on Fields
  • Actions on Events
  • Actions to fire a search
  • Actions to fire a HTTP GET/POST request
  • Passing Arguments
  • Viewing Workflow Actions
  • Using Workflow Actions

Transactions
  • Understanding Event Correlations
  • Group fields
  • Group fields and time
  • Define transaction macros

Lookups
  • Understanding Lookups
  • CSV Lookups
  • Create Lookup Tables
  • Define Lookups
  • Use Lookups
  • Automate Lookups

DAY-3: Extending Splunk
  • Views and Dashboards
  • Understanding Views
  • Creating Dashboards
  • Adding Events
  • Adding Visualizations
  • Adding Forms
  • Simple XML
  • Organizing Panels
  • Viewing Dashboards

App Development
  • Understanding Apps
  • Apps Vs Add-ons
  • Viewing Apps
  • Installing apps from Splunkbase
  • App Directory Structure
  • Creating App
  • Adding Knowledge Objects
  • Adding Views and Dashboards
  • Adding Data Inputs
  • Inspecting Apps
  • Packaging Apps
  • Installing Packaged Apps

Data Input
  • Monitoring Files and Directories
  • Script Data Generators
  • Modular Data Input
  • Add-on Splunkbase
  • Monitoring REST Endpoints

Index Management
  • Understanding Indexes
  • Raw Files and Index Files
  • Buckets
  • Rolling Buckets
  • Index Types
  • Pipelines: Parsing and Indexing
  • Default and Internal Indexes
  • Creating Indexes
  • Using Indexes
  • Searching Indexes
  • Deleting events from future searches
  • Removing data from indexes
  • Disabling indexes
  • Removing indexes

Job Inspector
  • Understanding search execution
  • Using Job Inspector
  • Interpreting the figures

REST API
  • Understanding REST Concepts
  • Splunk REST Endpoints
  • Using Curl
  • Using Search REST API
  • Using Knowledge Object REST API

Analytics Workspace
  • Use case
  • Exploring the Analytics Workspace
  • Data Types: Metrics, Datasets and Alerts
  • Charting
  • Dashboards
  • Alerts
  • Analysing Data
  • Creating Dashboards
  • Best Practices and Case Study

Time

VILT
9:30 AM - 5:30 PM

Cost

INR 22,950.00
