Skip to main content

Splunk Training + Certification

Intro to Knowledge Objects

Course Description

This eLearning course teaches students about how different types of knowledge objects to extract additional insights from their data. Students will learn the basics of how to create knowledge objects, define their settings, edit, and manage existing knowledge objects.

eLearning with Labs

The best of both delivery methods. Self-paced eLearning videos accessible anytime, anywhere, plus access to the interactive lab environment to sharpen your skills.

Register
eLearning

Learn at your own pace through these free, video-only online courses accessible anytime, anywhere.

Register

Course Prerequisites

Classes:
  • Intro to Splunk eLearning course (recommended)
Skills:
  • None

Course Topics

  • Using knowledge objects to discover and analyze data
  • Developing naming conventions for knowledge objects
  • Defining permissions for knowledge objects
  • Managing knowledge objects

Course Objectives
 

Topic 1 – What Are Knowledge Objects?
  • Understand the different types of knowledge objects:
  • Fields
  • Field Extractions
  • Field aliases
  • Calculated fields
  • Lookups
  • Event types
  • Tags
  • Workflow actions
  • Reports
  • Alerts
  • Macros
  • Data models
Topic 2 – Knowledge Object Settings
  • Define naming conventions
  • Define role-based permissions for knowledge objects
Topic 3 – Managing Knowledge Objects
  • Edit knowledge objects
  • Reassign knowledge objects