Who should attend
This module is designed for developers responsible for debugging their own applications, and for SREs responsible for troubleshooting performance issues. The Splunk Log Observer is built primarily for DevOps teams working on applications built on modern tech stacks (containerized microservices). However, the module can be taken by anyone who wants to view recent log data in a no-code environment.
Prerequisites
Prior experience with Splunk Infrastructure Monitoring and/or Splunk APM is recommended
Course Objectives
- View log data
- Describe how log data is parsed and structured in the tool
- Create filters for log data; save and reuse these filters
- Investigate the shape of log data with the Log Observer
- Analyze data with aggregation functions and group by rules
- Manage the data pipeline using rules
- Describe ways to get data in
Course Content
This 4.5-hour module describes how to use the tool to work with log data using the no-code user interface. Learn to create, save, and share search filters, and to investigate the shape of your log data. Analyze logs with aggregation functions and group by rules. Create rules to manipulate incoming data, and generate synthetic metrics from log data.
All concepts are taught using lectures and scenario-based hands-on activities.
English