Course code: SPLUNKAPI

Developing with Splunk's REST API

This nine-hour course teaches you how to use the Splunk REST API to carry out tasks that interact with Splunk servers. You will use curl and Python to send requests to Splunk REST endpoints and learn how to parse and use the results. The course shows you how to create a variety of objects in Splunk, change properties, work with and apply security to Splunk objects, run different types of searches and parse their results, ingest data using the HTTP Event Collector, and manipulate collections and KV Stores.

Course contents

Module 1 – Introduction to the Splunk REST API

  • Introduce the Splunk development environment and its REST endpoints
  • Connect to the appropriate Splunk server to accomplish a desired task
  • Authenticate with a Splunk server, with and without a session

Module 2 – Namespaces and Object Management

  • Understand general CRUD with the REST API
  • Identify how a namespace affects access to objects
  • Use the servicesNS node and a namespace to access objects
  • Understand how the sharing level and access control lists affect access to objects
  • Modify the sharing level and the permissions on an object
  • Use the rest command

Module 3 – Parsing Output

  • Understand the general structure of Atom-based output
  • Format Atom-based XML and JSON output
  • Write code that uses the API and parse responses

Module 4 – Oneshot Searching

  • Review search language syntax and search best practices
  • Execute oneshot searches
  • Get search results and parse them

Module 5 – Normal and Export Searching

  • Identify types of searches
  • Execute normal and export searches
  • Get search results, job status and search job properties

Module 6 – Advanced Searching and Job Management

  • Execute real-time searches
  • Work with large result sets
  • Work with saved searches
  • Manage search jobs

Module 7 – Working with Indexes

  • Define the function of a KV Store
  • Define collections and records
  • Perform CRUD operations on collections and records

Module 8 – Using the HTTP Event Collector (HEC)

  • Create and use HEC tokens
  • Input data using HEC endpoints
  • Get indexer event acknowledgements

Appendix – Useful Admin REST APIs

  • Get system information
  • Manage Splunk configuration files
  • Manage Indexes

Prerequisites

Classes:

Splunk Fundamentals 1
Splunk Fundamentals 2
Splunk Data Administration or Splunk Cloud Administration is recommended but not required
Advanced Searching and Reporting recommended but not required
Software development or scripting experience

Course price

34.900,- Kč excluding VAT
42.229,- Kč including VAT

Course dates

No course dates are currently scheduled. Write to us to request a date.

Virtual course

Date: 10 January 2022
Course language: English
Course length: 9h

Alternative date

Do none of the proposed dates suit you? Write to us to request an alternative date.
