Comparing Values

This three-hour module is for power users who want to learn how to compare field values using eval functions and eval expressions. Topics will focus on using the comparison and conditional functions of the eval command, and using eval expressions with the field format and where commands.

Days : 2

Price :

Description

Certifications

This course is part of the following Certifications:

Splunk Core Certified Power User
Splunk Core Certified Advanced Power User

Prerequisites

To be successful, students should have a solid understanding of the following:

How Splunk works
Creating search queries

Course Objectives

Using eval to Compare
Filtering with where

Outline: Comparing Values (SCV)

Topic 1 – Using eval to Compare

Understand the eval command
Explain evaluation functions
Identify and use comparison and conditional functions
Use the fieldformat command to format field values

Topic 2 – Filtering with where

Use the where command to filter results
Use wildcards with the where command
Filter fields with the information functions, isnull and isnotnull

Comparing Values

Description

Certifications

Prerequisites

Course Objectives

Outline: Comparing Values (SCV)

Related Products

Python 101 – Basics

Microsoft Dynamics 365 Customer Service

Managing Decisions in IBM Operational Decision Manager V8.9