Splunk certified study guide: prepare for the user, power user, and enterprise admin certifications

Bibliographic Details
Other Authors: Mehta, Deep (author)
Format: E-book
Language: English
Published: [Place of publication not identified] : Apress [2021]
Subjects:
View at Biblioteca Universitat Ramon Llull: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009631735206719
Table of Contents:
  • Intro
  • Table of Contents
  • About the Author
  • About the Technical Reviewer
  • Acknowledgments
  • Introduction
  • Part I: Splunk Architecture, Splunk SPL (Search Processing Language), and Splunk Knowledge Objects
  • Chapter 1: An Overview of Splunk
  • Overview of the Splunk Admin Exam
  • Structure
  • Requirements
  • Blueprint
  • An Introduction to Splunk
  • The History of Splunk
  • The Benefits of Splunk
  • The Splunk Architecture
  • Installing Splunk
  • Installing Splunk on macOS
  • Installing Splunk on Windows
  • Adding Data in Splunk
  • Summary
  • Multiple-Choice Questions
  • Further Reading
  • Chapter 2: Splunk Search Processing Language
  • The Pipe Operator
  • Time Modifiers
  • Understanding Basic SPL
  • Search Language Syntax
  • Boolean Operators in Splunk
  • Syntax Coloring in SPL
  • Sorting Results
  • Sort
  • Filtering Commands
  • where
  • dedup
  • head
  • tail
  • Reporting Commands
  • top
  • rare
  • history
  • table
  • stats
  • Aggregate Functions
  • Event Order Functions
  • Multivalue stats and chart Functions
  • Timechart Functions
  • untable
  • chart
  • timechart
  • Filtering, Modifying, and Adding Fields
  • eval
  • Comparison and Conditional Functions
  • Conversion Functions
  • Cryptographic Functions
  • Date and Time Functions
  • Informational Functions
  • Mathematical Functions
  • Multivalue eval Functions
  • Statistical eval Functions
  • Text Functions
  • Trigonometric and Hyperbolic Functions
  • Rex
  • lookup
  • Input Lookup
  • Output Lookup
  • Field
  • Grouping Results
  • Transaction
  • Summary
  • Multiple-Choice Questions
  • References
  • Chapter 3: Macros, Field Extraction, and Field Aliases
  • Field Extraction in Splunk
  • Regular Expressions
  • Regular Expression Using Field Extraction
  • Inline Regular Expression Using Field Extraction
  • Delimiters
  • Delimiters Using Field Extraction
  • Macros
  • Create a Macro Using Splunk Web
  • Create a Macro Using the .conf File
  • Field Aliases in Splunk
  • Setting up Field Aliases
  • Splunk Search Query
  • Summary
  • Multiple Choice Test Questions
  • References
  • Chapter 4: Tags, Lookups, and Correlating Events
  • Splunk Lookups
  • Looking up Table Files
  • Lookup Definitions
  • Automatic Lookups
  • Splunk Tags
  • Create Tags in Splunk Using Splunk Web
  • Tag Event Types in Splunk Web
  • Reporting in Splunk
  • Creating Reports in Splunk Web
  • Report Acceleration in Splunk
  • Creating Report Acceleration
  • Scheduling a Report in Splunk
  • Alerts in Splunk
  • Create Alerts in Splunk Using Splunk Web
  • Cron Expressions for Alerts
  • Summary
  • Multiple-Choice Questions
  • References
  • Chapter 5: Data Models, Pivot, and CIM
  • Understanding Data Models and Pivot
  • Datasets and Data Models
  • Creating Data Models and Pivot in Splunk
  • Creating New Datasets
  • Predicting a Sales Pattern
  • Event Actions in Splunk
  • GET Workflow Actions
  • Defining a GET Workflow Action
  • Search Workflow Action
  • Defining Search Workflow Action
  • Common Information Model in Splunk
  • Defining CIM in Splunk
  • Summary
  • Multiple-Choice Questions
  • References
  • Chapter 6: Knowledge Managers and Dashboards in Splunk
  • Understanding the Knowledge Manager's Role in Splunk
  • Globally Transferring Knowledge Objects
  • Enabling Knowledge Object Visibility
  • Restricting Read/Write Permissions on an App
  • Orphaned Knowledge Objects
  • Run a Monitoring Console Health Check
  • Using the Reassign Knowledge Objects Page in Settings
  • Reassigning a Knowledge Object to Another Owner
  • Dashboards
  • Static Real-Time Dashboards
  • Creating a Report in Splunk to Get a Total Transaction Request on the Web Page
  • Creating a Report in Splunk to Get a Total Transaction Request from Western USA
  • Creating a Report in Splunk to Get a Total Transaction Request from Eastern USA
  • Creating a Report in Splunk to Get a Successful Transaction Request on the Web Page
  • Creating a Total Sales Report for Western US Cities
  • Creating a Total Sales Report for Eastern US Cities
  • Creating Report for an HTTP Status Code
  • Creating a Report for an HTTP Method
  • Creating Report to Get a Total Transaction Request for Different Categories
  • Creating a Dashboard
  • Adding a Report to a Dashboard
  • Dynamic Form-based Dashboards
  • Adding a Radio Button Using XML
  • Adding a Time Modifier Using XML
  • Adding a Drop-Down Menu Using XML
  • Adding a Link List Using XML
  • Using the User Interface for Input
  • Summary
  • Multiple-Choice Questions
  • References
  • Chapter 7: Splunk User/Power User Exam Set
  • Questions
  • Summary
  • Part II: Splunk Data Administration and System Administration
  • Chapter 8: Splunk Licenses, Indexes, and Role Management
  • Buckets
  • How Does a Bucket Work?
  • How Search Is Performed in Buckets
  • Understanding journal.gz, .tsidx, and Bloom Filters
  • How Do Search Functions Work?
  • Splunk Licenses
  • Changing a License Group in Splunk
  • Managing Splunk Licenses
  • License Masters and Slaves
  • License Master
  • License Slave
  • Adding a License in Splunk
  • License Pooling
  • Creating a License Pool
  • Managing Indexes in Splunk
  • Creating an Index in Splunk
  • Creating an Index Using Splunk Web
  • Creating an Index Using a Splunk Configuration File
  • Creating an Index Using Splunk CLI
  • User Management
  • Adding a Native User
  • Defining Role Inheritance and Role Capabilities
  • Summary
  • Multiple-Choice Questions
  • References
  • Chapter 9: Machine Data Using Splunk Forwarder and Clustering
  • Splunk Universal Forwarder
  • Configuring Splunk Indexer to Listen to Data for Universal Forwarder
  • Configuring Windows Splunk Forwarder
  • Splunk Universal Forwarder Using Windows
  • Splunk Universal Forwarder Using .msi
  • Configuring Linux Splunk Forwarder
  • Splunk's Light and Heavy Forwarders
  • Splunk Heavyweight Forwarder
  • Configuring Heavy Forwarder
  • Configuring Heavy Forwarder to Index and Forwarding Data from a Universal Forwarder
  • Splunk Light Forwarder
  • Forwarder Management
  • Configuring Forwarder Management
  • Configuring the Forwarder Management Client
  • Splunk Indexer Clusters
  • Configuring Indexer Clusters
  • Creating an Indexer Cluster Using Splunk Web
  • Creating an Indexer Cluster Using a Splunk .conf File
  • Creating an Indexer Cluster Using Splunk CLI
  • Splunk Lightweight Directory Access Protocol (LDAP)
  • Creating an LDAP Strategy
  • Mapping LDAP Group to Splunk Roles
  • Splunk Security Assertion Markup Language (SAML)
  • Configuring Splunk SAML
  • Map SAML to User Roles
  • Summary
  • Multiple-Choice Questions
  • References
  • Chapter 10: Advanced Data Input in Splunk
  • Compress the Data Feed
  • Indexer Acknowledgment
  • Securing the Feed
  • Queue Size
  • Monitor Input
  • Monitor Files
  • Monitor Directories
  • Monitor Files and Directory Using Splunk Web
  • Monitor File and Directory Using inputs.conf
  • Scripted Input
  • Scripted Input Using Splunk Web
  • Scripted Input Using inputs.conf file
  • Network Input
  • Add Network Input Using Splunk Web and Deploy It to the Forwarder
  • Modify Network Input Using .conf Files
  • Configure TCP Network Input Using .conf File
  • Configure Network UDP Input Using .conf File
  • Pulling Data Using Agentless Input
  • HTTP Input Using Splunk Web
  • Configure HTTP Event Collector in Splunk
  • Configure HTTP Input Using .conf File
  • Configure HTTP Event Collector in Splunk Using .conf File
  • Parse Data in Splunk Using HTTP Event Collector
  • Summary
  • Multiple-Choice Questions
  • References
  • Chapter 11: Splunk's Advanced .conf File and Diag
  • Understanding Splunk .conf files
  • props.conf
  • indexes.conf
  • transforms.conf
  • inputs.conf
  • outputs.conf
  • deploymentclient.conf
  • Setting Fine-Tuning Input
  • Custom Source Types Using Splunk Web
  • Custom Source Types Using props.conf
  • Anonymizing the Data
  • props.conf to Anonymize Data with a sed Script
  • Syntax to Anonymize Data with a sed Script
  • props.conf and transforms.conf to Anonymize Data with Regular Expressions
  • Understanding Merging Logic in Splunk
  • Configuration File Precedence
  • Splunk Determine Precedence Order
  • Splunk .conf Files Location
  • Configuration Merging Logic
  • Example 1: Configuration Merging (No Conflict)
  • Example 2: Configuration Merging (Conflict)
  • Example 3: Configuration Merging (Conflict)
  • Debugging Configuration Files
  • Example: Btool for Troubleshooting a Configuration File
  • Creating a Diag
  • Creating a Diag in Splunk
  • Summary
  • Multiple-Choice Questions
  • Reference
  • Chapter 12: Splunk Admin Exam Set
  • Questions
  • Summary
  • Part III: Advanced Splunk
  • Chapter 13: Infrastructure Planning with Indexer and Search Head Clustering
  • Capacity Planning for Splunk Enterprise
  • Dimensions of a Splunk Enterprise Deployment
  • Incoming Data Affects Splunk Enterprise Performance
  • Indexed Data Affects Splunk Enterprise Performance
  • Concurrent Users Affects Splunk Enterprise Performance
  • Saved Searches on Splunk Enterprise Performance
  • Disk Storage for Splunk Enterprise
  • Configuring a Search Peer
  • Configuring a Search Peer from Splunk Web
  • Configure Splunk Search Peer from the .conf File
  • Configure Search Peer from Splunk CLI
  • Configure a Search Head
  • Configuring a Search Head Using Splunk Web
  • Configure Splunk Search Head Using .conf file
  • Configuring a Search Head from Splunk CLI