Splunk Fundamental 1
Modules
Module 1 - Introduction
Splunk Introduction
Module 2 - What is Splunk
Splunk components
Installing Splunk
Getting data into Splunk
Module 3 -Introduction to Splunk's User Interface
Understand the uses of Splunk
Define Splunk Apps
Customizing your user settings
Learn basic navigation in Splunk
Module 4 - Basic Searching
Run basic searches
Use autocomplete to help build a search
Set the time range of a search
Identify the contents of search results
Refine searches
Use the timeline
Work with events
Control a search job
Save search results
Module 5 - Using Fields in Searches
Understand fields
Use fields in searches
Use the fields sidebar
Module 6 - Search Language Fundamentals
Review basic search commands and general search practices
Examine the search pipeline
Specify indexes in searches
Use autocomplete and syntax highlighting
Use the following commands to perform searches:
tables
rename
fields
dedup
sort
Module 7 - Using Basic Transforming Commands
The top command
The rare command
The stats command
Module 8 - Creating Reports and Dashboards
Save a search as a report
Edit reports
Create reports that include visualizations such as charts and tables
Create a dashboard
Add a report to a dashboard
Edit a dashboard
Module 9 - Creating and Using Lookups
Describe lookups
Create a lookup file and create a lookup definition
Configure an automatic lookup
Module 10 - Creating Scheduled Reports and Alerts
Describe scheduled reports
Configure scheduled reports
Describe alerts
Create alerts
View fired alerts
Module 11 - Using Pivot
Describe Pivot
Understand the relationship between data models and pivot
Select a data model object
Create a pivot report
Create an instant pivot from a search
Add a pivot report to a dashboard
Splunk Fundamental 2
Modules
Module 1 - Beyond Search Fundamentals
Case sensitivity
Using the job inspector to view search performance
Module 2 - Using Transforming Commands for Visualizations
Explore data structure requirements
Explore visualization types
Create and format charts and timecharts
Module 3 - Using Mapping and Single Value Commands
The iplocation command
The geostats command
The geom command
The addtotals command
Module 4 -Filtering and Formatting Results
The eval command
Using the search and where commands to filter results
The filnull command
Module 5 - Correlating Events
Identify transactions
Group events using fields
Group events using fields and time
Search with transactions
Report on transactions
Determine when to use transactions vs. stats
Module 6 - Introduction to Knowledge Objects
Identify naming conventions
Review permissions
Manage knowledge objects
Module 7 - Creating and Managing Fields
Perform regex field extractions using the Field Extractor (FX)
Perform delimiter field extractions using the FX
Module 8 - Creating Field Aliases and Calculated Fields
Describe, create, and use field aliases
Describe, create and use calculated fields
Module 11 - Creating Tags and Event Types
Create and use tags
Describe event types and their uses
Create an event type
Module 12 - Creating and Using Macros
Describe macros
Create and use a basic macro
Define arguments and variables for a macro
Add and use arguments with a macro
Module 13 - Creating and Using Workflow Actions
Describe the function of GET, POST, and Search workflow actions
Create a GET workflow action
Create a POST workflow action
Create a Search workflow action
Module 14 - Creating Data Models
Describe the relationship between data models and pivot
Identify data model attributes
Create a data model
Use a data model in pivot
Module 15 - Using the Common Information Model (CIM) Add-On
Describe the Splunk CIM
List the knowledge objects included with the Splunk CIM Add-On
Use the CIM Add-On to normalize data
