Course Code:
bspsppst
Duration:
3 hours
Prerequisites:
- Splunk Basics
Overview:
.
Course Outline:
Data Series
- What is a data series
- Single-series, multi-series and time-series data series
Data Transformation
- How to use chart, timechart, top, rare and stats commands to move events into data tables
- Search modes and search results
Manipulating Data with eval Command
- The eval command
- Calculations using mathematical and statistical eval functionality
- Calculations and concatenations on field values
- The eval command as a function with the stats command
Data Formatting
- The rename command
- The sort command