Struktura kurzu
Tato část není lokalizována
Topic 1 – Investigating Searches
- Use the Search Job Inspector to examine how a search was processed and troubleshoot performance
- Use SPL commenting to help identify and isolate problems
Topic 2 – Splunk Architecture
- Understand the role of search heads, indexers, and forwarders in a Splunk deployment
- Understand how the components of a bucket (.tsidx and journal.gz files) are used
- Understand how bloom filters are used to improve search speed
Topic 3 – Streaming and Non-Streaming Commands
- Describe the parts of a search string
- Understand the use of centralized vs. distributable commands
- Create more efficient searches
Topic 4 – Breakers and Segmentation
- Understand how segmenters are used in Splunk
- Use lispy to reduce the number of events read from disk
Topic 5 – Commands and Functions for Troubleshooting
- Using the fieldsummary command
- Using the makeresults command
- Using information functions with the eval command
- the isnull function
- the typeof function