Splunk by Cisco
General
The Splunk Platform
Creating Field Extractions (SP-CFE)
About the course
Certifications
This course is part of the following Certifications:
- Splunk Core Certified Power User
- Splunk Core Certified Advanced Power User
Prerequisites
To be successful, students should have a solid understanding of the following:
- How Splunk works
- Creating search queries
- Lookups
Course Objectives
- Calculate Co-Occurrence Between Fields
- Analyze Multiple Datasets
Course content
Topic 1 - Using the Field Extractor
- Understand types of extracted fields and when they are extracted
- Explore the Splunk Web Field Extractor (FX)
Topic 2 - Creating Regex Field Extractions
- Identify basics of regular expressions (regex)
- Understand the regex field extraction workflow
- Edit regex for field extractions
Topic 3 - Creating Delimited Field Extractions
- Identify delimited field values in event data
- Understand the delimited field extraction workflow