Description
Learn the concepts and apply the knowledge through discussions and hands-on activities.
Please note that this class may be delivered over two days, with 4.5-hour sessions each day, for a total of nine hours of content.
Prerequisites
Required:
- Using Splunk Infrastructure Monitoring
Course Objectives
- Use the SignalFlow API to Perform Computations
- Stream/Extract Raw and Processed Data from Splunk IM
- Manage Splunk IM Teams
- Manage Charts, Dashboards and Dashboard Groups Using the REST API
- Manage Detectors Using the REST API
Outline: Automation Using the REST and SignalFlow APIs (AURSAPI)
Topic 1 – Overview of the Splunk IM API
- Describe the function of the API
- Describe the API endpoints
Topic 2 – Streaming Computations Using SignalFlow
- Use the SignalFlow CLI
- Use the data() function to stream metrics
- Use the detect() function to define detectors
Topic 3 – Streaming Raw and Processed Data
- Choose when to use WebSocket connection vs HTTP API for streaming
- Execute SignalFlow computations
- Describe the types of messages emitted by a streaming computation
- Stream/extract raw and processed data from the Splunk IM service
Topic 4 – Manage Splunk IM Teams
- Describe the use of teams
- Create teams
- Add/remove members to/from teams
- Update teams
Topic 5 – Automate Chart and Dashboard Management
- Create, modify, and delete charts
- Create detectors to monitor issues of interest
Topic 6 – Automate Detector Management
- Create detectors
- Update and delete detectors
- Mute notifications
- Clear incidents