LENGTH: 0,96 Hours (0,12 days)
This three-hour course is for knowledge managers who want to learn how to create knowledge objects for their search environment using the Splunk web interface. Topics will cover types of knowledge objects, the search-time operation sequence, and the processes for creating event types, workflow actions, tags, aliases, search macros, and calculated fields.
To be successful, students should have a solid understanding of the following:
Topic 1 – Knowledge Objects & Search-time Operations
Topic 2 – Creating Event Types
Topic 3 – Creating Workflow Actions
Topic 4 – Creating Tags and Aliases
Topic 5 – Creating Search Macros
Topic 6 – Creating Calculated Fields
Individuals who enroll in this class will also be enrolled in an (eLearning with Labs) component. Completion of labs and quizzes is required in order to receive proof of completion.