EtusivuHae koulutuksia & tapahtumiaWorking with Time

Working with Time

This three-hour course is for power users who want to become experts at using time in searches. Topics will focus on searching and formatting time in addition to using time commands and working with time zones.


Osallistumismuoto

Remote


Kesto

3 tuntia


Hinta

500 €

Search Experts Knowledge Managers

  • Searching with Time

  • Formatting Time

  • Comparing Index Time versus Search Time

  • Using Time Commands

  • Working with Time Zones

To be successful, students should have a solid understanding of the following:

  • How Splunk works

  • Creating Search queries

  • The eval command

Topic 1 - Searching with Time

  • Understand the_time field and timestamps

  • View and interact with the event Timeline

  • Use the earliest and latest time modifiers

  • Use the bin command with the _time field

Topic 2 - Formatting Time

  • Use various date and time eval functions to format time

    • Topic 3 - Using Time Commands

    • Use the timechart command

    • Use the timewrap command

      • Topic 4 - Working with Time Zones

      • Understand how time and timezones are represented in your data

      • Determine the time zone of your server

      • Use strftime to correct timezones in results

        • ;

        Hinta 500 € +alv

        Toteutukset



        Pidätämme oikeudet mahdollisiin muutoksiin ohjelmassa, kouluttajissa ja toteutusmuodossa. 
        Katso usein kysytyt kysymykset täältä.

        Yhteistyössä: Arrow