Working with Metrics in Splunk
View My Training Profile
Course Description

This course provides Splunk users in-depth information about metrics, ingesting and searching metrics data, and how to use the Metrics Workspace to analyze and create visualizations.

Download Course Description
Instructor-led Training Schedule
View Schedule

Course Prerequisites

Required:

  • Splunk Fundamentals 1
  • Splunk Fundamentals 2
  • Splunk Enterprise System Administration
Recommended:
  • Splunk Enterprise Data Administration

 

Course Topics

  • Metrics Overview
  • Metrics Terminology
  • Onboard Metrics Data
  • Metrics Indexing
  • Protocols to Ingest Metrics Data
  • Metrics SPL Commands
  • Log to metrics Conversion
  • Use the Metrics Workspace
  • Metrics Best Practices
Course Objectives

Module 1 – Metrics Overview

  • Overview of metrics data and terminology
  • Review Splunk framework for metrics
  • Discuss metrics use cases

Module 2 – Onboarding Metrics Data

  • Review metrics source types and protocols
  • Describe metrics indexing
  • Introduce rollup policies
  • Review the process of ingesting metrics data

Module 3 – Log to Metrics

  • Create metrics data from events
  • Create a log to metrics source type
  • Ingest event and metrics data from log files

Module 4 – Searching Metrics Data

  • Search metrics data using SPL
  • Review the Metrics Workspace
  • Use the metrics workspace to analyze and visualize metrics data