Course Overview
This course is designed for Splunk Developers. It teaches students how to create advanced, interactive dashboards using the classic, simple XML framework. The course focuses on using tokens, user inputs, dynamic drilldowns, and event handlers. It combines a strong technical focus with the opportunity to practice in a realistic lab environment.
This course may be delivered in two days with 4.5-hour sessions or, over one single 9-hour day.
Who should attend
- Users/Analysts
- Administrators
- Engineers
Prerequisites
To be successful, students should have a solid understanding of these single subject courses:
- Intro to Splunk
- Using Fields (SUF)
- Visualizations
- Working with Time (WWT)
Outline: Creating Classic Dashboards (CCD)
Topic 1 – Classic Dashboards
- Compare dashboards and forms
- Create prebuilt panels
- Troubleshoot views
Topic 2 – Using Tokens
- Describe how tokens work
- Define token syntax
- Use token filters
Topic 3 – Adding User Inputs
- Define user inputs
- Add a user input
- Create cascading inputs
Topic 4 – Improving Performance
- Identify performance improvement methods
- Use tstats and data model acceleration
- Create a base & chain search
Topic 5 – Customizing Dashboards
- Customize charts
- Use event annotations
- Customize panels
Topic 6 – Creating Dynamic Drilldowns
- Identify types of drilldowns
- Use the drilldown editor
- Create a dynamic drilldown
Topic 7 – Adding Advanced Behaviors
- Name event handler types
- Define event actions
- Create a contextual drilldown