In this course, you will learn how fields are extracted and how to create regex and delimited field extractions. You will upload and define lookups, create automatic lookups, and use advanced lookup options. You will learn about datasets, designing data models, and using the Pivot editor. You’ll improve search performance by creating efficient base searches, accelerating reports and data models, and how to use the tstats command.
Overview
Syllabus
- Creating Field Extractions
- This module is for knowledge managers who want to learn about field extraction and the Field Extractor (FX) utility. Topics will cover when certain fields are extracted and how to use the FX to create regex and delimited field extractions.
- Enriching Data with Lookups
- This module is for knowledge managers who want to use lookups to enrich their search environment. Topics will introduce lookup types and cover how to upload and define lookups, create automatic lookups, and use advanced lookup options. Additionally, students will learn how to verify lookup contents in search and review.
- Data Models
- This module is for knowledge managers who want to learn how to create and accelerate data models. Topics will cover datasets, designing data models, using the Pivot editor, and accelerating data models.
- Search Optimization
- This module is for users who want to improve search performance. Topics will cover how search modes affect performance, how to create an efficient basic search, how to accelerate reports and data models, and how to use the tstats command to quickly query data.
Taught by
Splunk Instructor
