Home > Vendors > splunk > splk-cknob

Share

SPLK-CKNOB - Creating Knowledge Objects

This three-hour course is for knowledge managers who want to learn how to create knowledge objects for their search environment using the Splunk web interface. Topics will cover types of knowledge objects, the search-time operation sequence, and the processes for creating event types, workflow actions, tags, aliases, search macros, and calculated fields.

INR 37500 + tax

Code: splk-cknob

Duration: 3.0 hours

Enquire Now

Start learning today!

Click Hereto customize your Training

Objectives

  • Knowledge Objects and Search-time Operations
  • Create Event Types
  • Create Workflow Actions
  • Create Tags and Aliases
  • Create Search Macros
  • Create Calculated Fields

Content

Topic 1 – Knowledge Objects & Search-time Operations

  • Understand role of knowledge objects for enriching data
  • Define search-time operation sequence

Topic 2 – Create Event Types

  • Define event types
  • Create event types using three methods
  • Use event types
  • Find event types
  • Tag event types
  • Compare event types and reports

Topic 3 – Create Workflow Actions

  • Identify what are workflow actions
  • Create a GET, POST, and search workflow action
  • Test workflow actions

Topic 4 – Create Tags and Aliases

  • Describe field aliases
  • Create field aliases
  • Search with field aliases
  • Define tags
  • Create and view tags
  • Search with tags
  • Manage tags

Topic 5 – Create Search Macros

  • Define macros
  • Create macros with and without arguments
  • Validate macro arguments
  • Use and preview macros at search time
  • Use nested macros
  • Use macros with other knowledge objects
  • Use tags/event types with macros
  • Create macros: considerations

Topic 6 – Create Calculated Fields

  • Explain calculated fields
  • Create a calculated field
  • Use a calculated field

Audience

  • Splunk Administrator
  • Developer
  • User
  • Knowledge Manager
  • Architect

Prerequisites

To be successful, students should have completed the following courses:

  • Search Under the Hood
  • Multi-value Fields

Certification

product-certification

Course Benefits

product-benefits
  • Career growth
  • Broad Career opportunities
  • Worldwide recognition from leaders
  • Up-to Date technical skills
  • Popular Certification Badges

Splunk Popular Courses

splk-dyd

This course focuses on creating inputs, chain searches, event annotations, and improving dashboard performance.

splk-introdyd

This course focuses on dashboard creation, including prototyping, the dashboard definition, layouts types, adding visualizations, and dynamic coloring.

splk-lls

This course will focus on lookup commands and explore how to use subsearches to correlate and filter data from multiple sources

splk-wtime

This course will focus on searching and formatting time in addition to using time commands and working with time zones.
Enquire Now
D5P7Ns
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy