Course structure
Module 1 – Introduction to the Splunk REST API
- Introduce the Splunk development environment and its REST endpoints
- Connect to the appropriate Splunk server to accomplish a desired task
- Authenticate with a Splunk server, with and without a session
Module 2 – Namespaces and Object Management
- Understand general CRUD with the REST API
- Identify how a namespace affects access to objects
- Use the servicesNS node and a namespace to access objects
- Understand how the sharing level and access control lists affect access to objects
- Modify the sharing level and the permissions on an object
- Use the rest command
Module 3 – Parsing Output
- Understand the general structure of Atom-based output
- Format Atom-based XML and JSON output
- Write code that uses the API and parse responses
Module 4 – Oneshot Searching
- Review search language syntax and search best practices
- Execute oneshot searches
- Get search results and parse them
Module 5 – Normal and Export Searching
- Identify types of searches
- Execute normal and export searches
- Get search results, job status and search job properties
Module 6 – Advanced Searching and Job Management
- Execute real-time searches
- Work with large result sets
- Work with saved searches
- Manage search jobs
Module 7 – Working with Indexes
- Define the function of a KV Store
- Define collections and records
- Perform CRUD operations on collections and records
Module 8 – Using the HTTP Event Collector (HEC)
- Create and use HEC tokens
- Input data using HEC endpoints
- Get indexer event acknowledgements
Appendix – Useful Admin REST APIs
- Get system information
- Manage Splunk configuration files
- Manage Indexes