- Free Courses
-
Learning Paths
- Courses for Users
- Courses for Splunk Administrators
- Courses for Splunk Cloud Customers
-
Courses for Splunk Architects
- Overview
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Creating Dashboards with Splunk
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Architecting Splunk Enterprise Deployments
- Administering Splunk Enterprise Security
- Courses for App Developers
-
Courses for Enterprise Security Administrators
- Overview
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Creating Dashboards with Splunk
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Architecting Splunk Enterprise Deployments
- Administering Splunk Enterprise Security
- Courses for Enterprise Security End-Users
- Courses for IT Service Intelligence Administrators
- Courses for IT Service Intelligence End-Users
- Courses for Phantom Customers
- Certification Tracks
-
Courses
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Creating Dashboards with Splunk
- Advanced Dashboards and Visualizations
- Building Splunk Apps
- Splunk for Analytics and Data Science
- Splunk Infrastructure Overview
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Splunk Cloud Administration
- Architecting Splunk Enterprise Deployments
- Splunk Enterprise Practical Lab
- Developing with Splunk's REST API
- Administering Splunk Enterprise Security
- Using Splunk Enterprise Security
- Implementing Splunk IT Service Intelligence
- Using Splunk IT Service Intelligence
- Splunk User Behavior Analytics
- Introduction to Phantom
- Developing Phantom Playbooks
-
Videos
- All Videos
- Splunk Cloud Tutorial
- Installing Splunk Enterprise on Linux
- Installing Splunk Enterprise on Windows
- Getting Data In to Splunk Enterprise (Linux)
- Getting Data In (Windows)
- Getting Data In with Forwarders
- Basic Search in Splunk Enterprise
- Create a Dashboard in Splunk Enterprise
- Using the Splunk MINT SDK for Android
- Using the Splunk MINT SDK for iOS
- Basic Search in Splunk Light
- Create Reports in Splunk Light
- Create Dashboards in Splunk Light
- Create Alerts in Splunk Light
- Splunk Certification Candidate Journey
- Creating Alerts in Splunk Enterprise
-
- Certification Exams
- Program Guide + FAQ
- Download Fact Sheet
Course Description
This nine-hour course focuses on Splunk's search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports and charts.
Instructor-led Training Schedule
- Search Fundamentals
- Transforming Commands
- Deriving Statistics
- Creating Visualizations
- Enriching Visualizations
- Manipulating and Filtering Results
- Correlating Events
- Review basic search commands and general search practices
- Examine the anatomy of a search
- Use the following commands to perform searches: tables, rename, fields, dedup, sort
- Use the following commands and their functions: top, rare, stats
- Data structure requirements
- Create and format basic charts
- Create and format timecharts
- Use the following commands and their functions: trendline, iplocation, geostats, geom, single values, addtotals
- Use the following commands and their functions: eval, filnull, search, where
- Identify transactions
- Group events using fields
- Group events using fields and time
- Search with transactions
- Report on transactions
- Determine when to use transactions vs. stats