Splunk is a SIEM that is deployed in organizations as a powerful platform for collecting logs and for searching, viewing, and analyzing data. Information is discovered by processing thousands of data items drawn from the logs. In other words, Splunk collects and indexes raw data, lets you run searches across all of that data, and lets you view the results in whatever form you like.
- Copyright 2022
- Price: $299.99
- Edition: 1st
- ISBN-10: 0-13-743521-5
- ISBN-13: 978-0-13-743521-0
- By: Karun Subramanian
- Published: Aug 18, 2021 by Addison-Wesley Professional
- Part of the LiveLessons series
4+ Hours of Video Instruction
Hands-on approach to learning the Splunk platform to search, report, and visualize machine-generated data.
Practical Splunk for Beginners LiveLessons provides you with functional, hands-on instruction on how to create data intelligence from machine-generated data.
- Beginner to Intermediate
Learn How To
- Search using Search Processing Language (SPL)
- Group and correlate events
- Perform statistical calculations from search results
- Visualize data using charts
- Create reports and alerts
- Create dashboards
- Use lookups to enhance search results
Who Should Take This Course
- Users in IT Operations area who need to use Splunk for monitoring and troubleshooting their applications and infrastructure
- Application developers and architects will also find the course useful for analyzing application log files
- Security professionals can make use of the course if they use Splunk as an SIEM platform
- Basic Linux commands
- Basic SQL queries
Lesson 1: The Splunk Platform
In this lesson Karun covers the basics of the Splunk platform. You learn what Splunk is and why organizations use it. He reviews the various components that make up the Splunk platform. He covers the role of a Splunk search head and an indexer. He also covers the practical ways Splunk can be used in your organization. Finally, Karun shows you how to install and set up Splunk in your own local environment. Learning is a lot easier and more fun when you have your own Splunk environment. By the end of the lesson, you will have a good understanding of the Splunk platform, setting you up for more learning and effective use.
Lesson 2: Search Processing Language
This lesson dives into the Splunk Search Processing Language, also known as SPL, which is the backbone of the Splunk platform. Karun presents the Splunk search interface to you by walking you through the Splunk Web search and reporting app. Then, he moves on to exploring the structure and syntax of an SPL query. Karun talks about components you can use in an SPL Query such as wildcards, key value pairs, Boolean expressions, and the all-powerful PIPE. Finally, you start to run your own searches. Karun reviews plenty of examples that cover various aspects of an SPL query. By the end of this lesson, you will have learned how to start running simple SPL queries to retrieve data from Splunk.
Lesson 3: Creating Statistics
In Lesson 3, you learn one of the most useful functions of Splunk: creating statistics out of your machine data. Karun starts by exploring how to use the Stats command. Then, he explores many examples of the Stats command, and you learn how to use mathematical functions. You then learn one of the most utilized commands in SPL, Eval. Using Eval, you learn how to create and manipulate field values. Finally, you learn how to plot metrics against time by using the Timechart command. By the end of this lesson, you will know how to use Stats, Eval, and Timechart to produce useful data intelligence from your machine data.
Lesson 4: Fields and Field Extractions
Fields allow you to tailor your searches. Fields are searchable key-value pairs in your data. First, Karun covers fields in general, and then turns to how they are used in Splunk. Next, he explores how to use the Field extraction wizard, which is a menu-driven GUI that you can use to create fields without having to type regular expressions. Finally, Karun covers the Rex command, with plenty of examples of extracting fields using SPL. Learning to use the Rex command will come in handy when you have to manually extract fields from your data. By the end of this lesson, you will have learned how to extract and use fields in your data.
Lesson 5: Grouping Events and Using Lookups
In this lesson, you learn even more ways to explore and enhance your machine data using Splunk. First, learn the techniques you can use to group and correlate data. You do this by exploring the Transaction command. Next, you learn how to use the Join and Append family of SPL commands. They can be extremely helpful for correlating data. Finally, you learn to use one of the widely-used knowledge objects, lookups, to enhance your search results. Karun creates a lookup table from scratch using Splunk tutorial data. By the end of this lesson, you will have learned how to group and correlate data and also use lookups in Splunk effectively.
Lesson 6: Creating Reports and Alerts
In Lesson 6, you get into the application of what you've learned in the previous lessons. In this lesson, you learn all about reports and alerts. First, you learn how to create reports from your search results. Then, you learn how to save and schedule your reports. We cover how to use cron to schedule your reports. By scheduling a report, you can have the results emailed to you automatically. Finally, you learn how to create Splunk alerts. Karun covers how to schedule an alert and configure the threshold and trigger actions. By the end of this lesson, you will have thorough knowledge of how to create Splunk reports and alerts.
Lesson 7: Creating Dashboards
In this final lesson, you learn how to create stunning dashboards using various Splunk visualizations. First, Karun has you create a basic dashboard from your search results. He covers the various aspects of a dashboard, such as panels and simple-xml code. You then learn how to configure drilldown in your dashboards. Drilldowns allow you to have interactivity in your dashboards. Karun shows you how easy it is to create a dynamic drilldown that can capture information from users' clicks. Finally, you learn how to add even more interactivity to your dashboards by adding input panels. You learn how to use drop-down menus using an example. Input panels allow you to add controls such as radio buttons, multi-select, and text fields. By the end of this lesson, you will have learned how to create useful and beautiful Splunk dashboards to make use of your data.