Creating Knowledge Objects is a Splunk Education course that explores how to build reusable knowledge objects that extend raw machine data into business-meaningful information.
What You Will Learn
- Create and manage saved searches, reports, and alerts as reusable knowledge objects
- Define event types and tags to categorize and normalize related events
- Build lookup tables and configure automatic lookups to enrich search results
- Use search macros to create reusable, parameterized search fragments
- Design and populate data models to support Pivot reports and accelerated searches
Who Should Attend
Splunk knowledge managers, power users, and administrators who want to build a reusable knowledge layer on top of their Splunk data.
Prerequisites
Completion of Splunk Fundamentals 1 and 2, or equivalent hands-on experience with Splunk search and reporting.
