Splunk IT Foundations Virtual Workshop! - April 15th @ 1:00pm ET

user023-splk https://i-04437efecf702f10c.splunk.show Peter Trinh

IT Foundations Takeaway Document

Champion Splunk IT Foundations within your Organization

Next Steps

Ask your account team about other IT workshops, including the Splunk IMT Hands-On Workshop

Ask your account team about playing Boss of the NOC

Further Reading

Splunk Resources and Help: Resources for Your Success

Workshop SPL

Basic incident keyword search - Slide 28

crash OR error OR fail* OR critical

Basic incident keyword search with field filters - Slide 39

crash OR error OR fail* OR critical host="auth-*"

Browser useragent device lookup and visualization - Slide 43

host=apache-*

Browser useragent device lookup and visualization - Slide 51

host=apache-* | lookup user_agents http_user_agent

Browser useragent device lookup and visualization - Slide 53

host=apache-* | lookup user_agents http_user_agent | eval device=ua_os_family." - ".ua_family

Browser useragent device lookup and visualization - Slide 53

host=apache-* | lookup user_agents http_user_agent | eval device=ua_os_family." - ".ua_family | top limit=20 device

Incident investigation keyword search- Slide 85

index=srvr_network (drop* OR timeout OR linkdown OR critical OR major)

Incident investigation keywords filtered - Slide 88

index=srvr_network (drop* OR timeout OR linkdown OR critical OR major) (NOT localhost) (NOT early_timeout)

Incident investigation keywords filtered - Slide 97

index=srvr_network

Incident investigation keywords filtered - Slide 99

index=srvr_network | source=”maintenance.log"

Incident investigation keywords filtered - Slide 105

index=srvr_network

Incident investigation keywords filtered - Slide 107

index=srvr_network (changed OR updated OR modified OR deleted OR applied)