
Power user

==========

http://lp-5cd7310c58:8000
userid: splunktraining4
password:

Day-1---->05/feb/2019
======================

output-overwrites
outputnew- avoid overwriting

* index once in upload do not write anything in config file


* upload option allows accordingly

===================================================================================

Day-2---06/feb/2019
====================

**Minimum number of values required to plot a graph is: 1, and two when poly
**Better to use the chart command over stats in case of visualization, and vice versa with the stats case
**stats does not show null values while chart shows the null values

timechart and stats difference..

trendline...
-sma : simple moving average
-ema : exponential moving average
-wma : weighted moving average

choropleth map:--- shades

homework---
ques:-gauge command today
===================================================================================

Day-03--07/feb/2019
===================

eval command
--------------

search and where command difference


eval with command ==
eval with function =
eval - if
eval - case
transactional command
knowledge object
-----------------

fields:
field extraction : regex and delimiters

using regex

rex command

by default all knowledge objects are shared as private

===================================================================================

Day-04 08/feb/2019
===================

gauge
lookups
tags
eventtypes

107.3.146.207.768
108.65.113.83.486
109.169.32.135.844
110.138.30.229.350
110.159.208.78
macro

index=dib_1 | `duration_macro(bytes)` | table required_time

workflow actions
================
*

ques: how does summary indexing work in Splunk


ques:
