Enriching Data with Lookups

This three-hour module is for knowledge managers who want to use lookups to enrich their search environment. Topics will introduce lookup types and cover how to upload and define lookups, create automatic lookups, and use advanced lookup options. Additionally, students will learn how to verify lookup contents in search and review lookup best practices.

Days : 1

Price :

Description

Who should attend

Search Experts and Knowledge Managers

Certifications

This course is part of the following Certifications:

Splunk Core Certified Advanced Power User

Prerequisites

To be successful, students should have a solid understanding of the following:

How Splunk works
Knowledge objects

Course Objectives

What is a Lookup?
Creating Lookups
Geospatial Lookups
External Lookups
KV Store Lookups
Best Practices for Lookups

Outline: Enriching Data with Lookups (EDL)

Topic 1 – What is a Lookup?

Define a lookup and the default lookup types
Lookups and the search-time operation sequence

Topic 2 – Creating Lookups

Use file-based lookups at search time
Create (upload, define, configure) a lookup
Use an automatic lookup at search

Topic 3 – Geospatial Lookups

Understand geospatial lookups and KMZ/KML files
Add and define a geospatial lookup

Topic 4 – External Lookups

Understand external lookups
Explore the default lookup, external_lookup.py
Configure external lookups

Topic 5 – KV Store Lookups

Introduce KV Store lookups
Configure KV Store lookups
Compare file-based CSV lookups to KV Store lookups

Topic 6 – Best Practices for Lookups

Various best practices for using lookups

Enriching Data with Lookups

Description

Who should attend

Certifications

Prerequisites

Course Objectives

Outline: Enriching Data with Lookups (EDL)

Related Products

Microsoft Azure IoT Developer

Microsoft 365 and Azure Compliance Bootcamp – Healthcare

Microsoft Security, Compliance, and Identity Fundamentals