Skip to content
Splunk Search Expert 102
- Working with Time
- This module is for users who want to become experts at using time in searches. Topics will focus on searching and formatting time in addition to using time commands and working with time zones.
- Statistical Processing
- This module is for users who want to identify and use transforming commands and eval functions to calculate statistics on their data. Topics will cover data series types, primary transforming commands, mathematical and statistical eval functions, using eval as a function, and the rename and sort commands.
- Comparing Values
- This three-hour course is for power users who want to learn how to compare field values using eval functions and eval expressions. Topics will focus on using the comparison and conditional functions of the eval command, and using eval expressions with the fieldformat and where commands.
- Result Modification
- This module is for users who want to use commands to manipulate output and normalize data. Topics will focus on specific commands for manipulating fields and field values, modifying result sets, and managing missing data. Additionally, students will learn how to use specific eval command functions to normalize fields and field values across multiple data sources.
- Leveraging Lookups & Subsearches
- This module is designed for users who want to learn
how to use lookups and subsearches to enrich their results. Topics
will focus on lookup commands and explore how to use subsearches
to correlate and filter data from multiple sources.