Learn how to manipulate search results into more useful output with commands.
- [Instructor] You've learned how to filter searches,…but Splunk search language can do more than just filter.…It actually allows you to run some commands…against your search results.…This is all done via the pipe character.…For example, let's search for star to include all results.…And then we'll type pipe.…And you can see here there's all the commands…that are available to us.…We're gonna use the command top user.…And let's click search.…This returns the statistics of the top users…associated with our events.…
You can see we've got root and vagrant.…You can also see there's a little bit of a problem…in how our events are being processed,…because a lot of them are showing up as user dash.…This is something we can sort out a little later.…Now let's click on our vagrant user.…And we have a few options that come up here.…We can say view events.…And that updates our search with user=vagrant.…Let's go back and this time let's say exclude from results.…
This reruns our command but excludes the vagrant user.…And the way it does this is it says user!=vagrant.…
- Installing Splunk
- Filtering search data
- Advanced search syntax
- Creating reports and dashboards
- Creating alerts and actions
- Configuring remote data and multiple data streams
Skill Level Beginner
DevOps Foundations: Monitoring and Observabilitywith Ernest Mueller2h 12m Intermediate
1. Tour of Major Features
3. Reporting and Dashboards
5. Practical Splunk
Next steps1m 57s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.