Skip to main content

Splunk Training + Certification

Intro to Knowledge Objects

Course Description

This eLearning course teaches students about how different types of knowledge objects to extract additional insights from their data. Students will learn the basics of how to create knowledge objects, define their settings, edit, and manage existing knowledge objects.


Learn at your own pace through these free, video-only online courses accessible anytime, anywhere.


Course Prerequisites

  • Intro to Splunk eLearning course (recommended)
  • None

Course Topics

  • Using knowledge objects to discover and analyze data
  • Developing naming conventions for knowledge objects
  • Defining permissions for knowledge objects
  • Managing knowledge objects

Course Objectives

Topic 1 – What Are Knowledge Objects?
  • Understand the different types of knowledge objects:
  • Fields
  • Field Extractions
  • Field aliases
  • Calculated fields
  • Lookups
  • Event types
  • Tags
  • Workflow actions
  • Reports
  • Alerts
  • Macros
  • Data models
Topic 2 – Knowledge Object Settings
  • Define naming conventions
  • Define role-based permissions for knowledge objects
Topic 3 – Managing Knowledge Objects
  • Edit knowledge objects
  • Reassign knowledge objects