SPLK-SPRO - Statistical Processing

Overview

Duration: 3.0 hours

This three-hour course is for power users who want to identify and use transforming commands and eval functions to calculate statistics on their data. Topics will cover data series types, primary transforming commands, mathematical and statistical eval functions, using eval as a function, and the rename and sort commands.

Objectives

Please refer to course overview

Audience

Search Experts Knowledge Managers

Content

Topic 1 – What is a Data Series

Introduce data series
Explore the difference between single-series, multi-series, and time series data series

Topic 2 – Transforming Data

Use the chart, timechart, top, rare, and stats commands to transform events into data tables
Explore search modes and their effect on search results

Topic 3 – Manipulating Data with eval Command

Understand the eval command
Explore and perform calculations using mathematical and statistical eval functions
Perform calculations and concatenations on field values
Use the eval command as a function with the stats command

Topic 4 – Formatting Data

Use the rename command
Use the sort command

Prerequisites

To be successful, students should have a solid understanding of the following:

How Splunk works
Creating Search queries

Certification

Schedule

Enquire Now

By clicking "Submit", I agree to the Terms Of Use and Privacy Policy

➤