Splunk by Cisco
General
The Splunk Platform
Correlation Analysis (SP-SCLAS)
About the course

This three-hour module is for power users who want to learn how to calculate co-occurrence between fields and analyze data from multiple datasets. Topics will focus on the transaction, append, appendcols, union, and join commands.


Prerequisites

To be successful, students should have a working understanding of these courses:

  • What is Splunk?
  • Intro to Splunk (ITS)
  • Using Fields (SUF)
  • Statistical Processing (SSP)


Course Objectives

  • Calculate Co-Occurrence Between Fields
  • Analyze Multiple Datasets
Course content

Topic 1 - Calculate Co-Occurrence Between Fields

  • Understand transactions
  • Explore the transaction command

Topic 2 - Analyze Multiple Data Sources

  • Understand subsearch
  • Use the append, appendcols, union, and join commands to combine, analyze, and compare multiple data sources