Vendors

This course is designed for developers responsible for debugging their own applications, and for SREs responsible for troubleshooting performance issues. The Splunk Log Observer is built primarily for DevOps teams working on applications built on modern tech stacks (containerized micro-services). However, the course it can be taken by anyone who wants to view recent log data in a no-code environment. This 1-virtual-day course describes how to use the tool to work with log data using the no-code user interface. You will learn to create, save, and share search filters; and to investigate the shape of your log data. You will analyze logs with aggregation functions and group by rules. And you will create rules to manipulate incoming data, as well as to generate synthetic metrics from log data. All concepts are taught using lectures and scenario-based hands-on activities.

img-course-overview.jpg

What You'll Learn

  • View log data
  • Describe how log data is parsed and structured in the tool
  • Create filters for log data; save and reuse these filters
  • Investigate the shape of log data with the Log Observer
  • Analyze data with aggregation functions and group by rules
  • Manage the data pipeline using rules
  • Create Synthetic Metrics from Log Data

Who Should Attend

img-who-should-learn.png

Prerequisites

Prior experience with Splunk Infrastructure Monitoring and/or Splunk APM is recommended

Learning Journey

Coming Soon...

Module 1: Introduction

  • Describe the "Three Pillars of Observability"
  • Explain how Splunk navigates between the three data types
  • Explain at a high level how Splunk collects each data type
  • Explain what a no-code search is
  • Describe some use cases for the Log Observer

Module 2: Log Observer Basics

  • Use the Log Observer to view trends in logs over time
  • Use an aggregation function to summarize log data
  • Browse fields and top values for logs
  • Create a set of filters from field data
  • Save filter sets
  • Change the time range for logs displayed
  • Describe the relationship between the four parts of the Log Observer Interface

Module 3: Advanced Searching

  • Add multiple search filters using field values and keywords
  • Create and tag Saved Queries
  • Create visualizations from aggregate log data
  • Segment visualization using group by
  • Use search time rules to temporarily transform incoming data
  • View and configure Live Tail mode
  • Restrict time windows for viewing log data in various ways

Module 4: Managing Data Pipelines

  • Describe the data processing pipeline and data indexing
  • Explain some use cases for data processing rules
  • Describe the rule types
  • Differentiate between index-time and search-time rules
  • Add a rule to the pipeline or edit an existing rule
  • Create synthetic metrics from log data
  • Create rules to determine which data is indexed vs being archived (Infinite Logging)

Module 5: Getting Data In

  • Explain field types in the Log Observer
  • Describe the various ways to bring log data into Splunk Observability
  • Name some of the ways that log data is enriched
  • Differentiate between log messages and metadata
  • Describe how metadata is stored and accessed on log messages

Frequently Asked Questions (FAQs)

  • Why get Splunk certified?

    Splunk certifications validate your expertise in data analytics and your proficiency in using the Splunk platform.

    These certifications demonstrate your ability to leverage Splunk's powerful tools for data collection, analysis, and visualization, making you a valuable asset to organizations seeking to gain actionable insights from their data.

    Splunk-certified professionals are in high demand across various industries, including IT, security, and business analytics.

  • What to expect for the examination?

    Splunk offers a variety of certification exams at different levels, covering various domains and products within the Splunk platform.

    Exams typically consist of multiple-choice and scenario-based questions that assess your knowledge and skills in using Splunk to solve real-world problems.

    Note: Certification requirements and policies may be updated by Splunk from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.

  • How long is Splunk certification valid for?

    All Splunk certifications are valid for three years from the date of passing the highest-level certification exam.

    To maintain your certification, you will need to recertify before it expires. You have three options for recertification:

    - Pursue a higher-level certification (including any required prerequisite courses), in which case your lower-level certifications would also be renewed on the date of passing the next-level certification exam.

    - Retake a certification exam within the final year of their recertification window to renew their certifications at that level (and any applicable downstream certifications).

    - Complete continuing education courses at any point in the three year recertification window beginning the date of badge issuance.

    Note: Certification requirements and policies may be updated by Splunk from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.

  • Why take this course with Trainocate?

    Here’s what sets us apart:

    - Global Reach, Localized Accessibility: Benefit from our geographically diverse training hubs in 16 countries (and counting!).

    - Top-Rated Instructors: Our team of subject matter experts (with high average CSAT and MTM scores) are passionate to help you accelerate your digital transformation.

    - Customized Training Solutions: Choose from on-site, virtual classrooms, or self-paced learning to fit your organization and individual needs.

    - Experiential Learning: Dive into interactive training with our curated lesson plans. Participate in hands-on labs, solve real-world challenges, and take on comprehensive assessments.

    - Learn From The Best: With 30+ authorized training partnerships and countless awards from Microsoft, AWS, Google – you're guaranteed learning from the industry's elite.

    - Your Bridge To Success: We provide up-to-date course materials, helpful exam guides, and dedicated support to validate your expertise and elevate your career.

Keep Exploring

Course Curriculum

Course Curriculum

Training Schedule

Training Schedule

Exam & Certification

Exam & Certification

FAQs

Frequently Asked Questions

img-improve-career.jpg

Improve yourself and your career by taking this course.

More Courses By Splunk

img-get-info.jpg

Ready to Take Your Business from Great to Awesome?

Level-up by partnering with Trainocate. Get in touch today.

Name
Email
Phone
I'm inquiring for

Inquiry Details

By providing your contact details, you agree to our Privacy Policy.