Courses for Enterprise Security End-Users

This 4 virtual-day course focuses on additional SPL commands, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalizing data with the CIM. 

This 4 virtual-day course focuses on additional search commands as well as on advanced use of knowledge objects. Major topics include advanced statistics and eval commands, advanced lookup topics, advanced alert actions, using regex and erex to extract fields, using spath to work with self-referencing data, creating nested macros and macros with event types, and accelerating reports and data models.
 

This 3 virtual day course takes the Splunk search language to the next level. Learn powerful advanced commands and lookup methods.