A qui s'adresse cette formation
- Users/Analysts
- Administrators
- Engineers
Pré-requis
To be successful, students must have completed these Splunk Education course(s) or have equivalent working knowledge:
Product description
This course is designed for Splunk users, analysts, and administrators who want to automate reporting and monitoring. You will learn how to schedule reports, configure alerts, and manage notification settings.
This eLearning option is available with and without a lab option. If a student opts to take the option without a lab, the eLearning is free.
Outline
Module 1 – Creating a Scheduled Report
- Create a report
- Schedule a report
- Define a report's time range
- Define schedule priority
- Define schedule window
- Add a trigger condition
Module 2 – Managing Reports
- View report settings
- Edit report permissions
- Enable report embedding
Module 3 – Creating Alerts
- Save a search as an alert
- Define alert permissions
- Understand scheduled and real-time alert types
- Define alert trigger conditions
Module 4 – Using Alert Actions
- Define actions that respond to trigger conditions
- Write results to a log event
- Output results to a lookup
- Output results to a telemetry endpoint
- Send an email containing search results
- Set up a webhook alert action
Module 5 – Managing Alerts
- View alert settings
- Edit alert permissions