Content
This three-hour course is for power users who want to learn how to calculate co-occurrence between fields and analyze data from multiple datasets. Topics will focus on the transaction, append, appendcols, union, and join commands.
Prerequisites
To be successful, students should have a solid understanding of the following:
- How Splunk works
- Creating search queries
- Lookups
Objectives
- Calculate Co-Occurrence Between Fields
- Analyze Multiple Datasets
Outline: Correlation Analysis (SCLAS)
Module 1 - Calculate Co-Occurrence Between Fields
- Understand transactions
- Explore the transaction command
Module 2 - Analyze Multiple Data Sources
- Understand subsearch
- Use the append, appendcols, union, and join commands to combine, analyze, and compare multiple data sources