Leveraging Lookups and Subsearches (LLS)

 

Course Overview

This course is designed for Splunk users, analysts, and administrators who want to enhance their searches with lookups and subsearches. You will learn how to use lookups to enrich your data and how to write subsearches to correlate and filter data from multiple sources.

Who should attend

  • Users/Analysts
  • Administrators
  • Engineers

Certifications

This course is part of the following Certifications:

Prerequisites

To be successful, students must have completed these Splunk Education course(s) or have equivalent working knowledge:

  • Intro to Splunk
  • Using Fields
  • Visualizations
  • Working with Time
  • Statistical Processing
  • Comparing Values
  • Result Modification
  • Scheduling Reports and Alerts
  • Introduction to Dashboards

Outline: Leveraging Lookups and Subsearches (LLS)

Module 1 – Using Lookup Commands

  • Understand lookups
  • Use the inputlookup command to search lookup files
  • Use the lookup command to invoke field value lookups
  • Use the outputlookup command to create lookups
  • Invoke geospatial lookups in search

Module 2 – Adding a Subsearch

  • Define subsearch
  • Use subsearch to filter results
  • Identify when to use subsearch
  • Understand subsearch limitations and alternatives

Module 3 – Using the return Command

  • Use the return command to pass values from a subsearch
  • Compare the return and fields commands

Prices & Delivery methods

Online Training

Duration
3 hours

Price
  • Online Training: CAD 690
  • Online Training: US $ 500
  • Splunk Training Units: 50 SPC
Dates and Booking
Request a date
Classroom Training

Duration
3 hours

Price
  • Canada: CAD 690
  • Splunk Training Units: 50 SPC
Dates and Booking
Request a date

Click on town name or "Online Training" to book Schedule

Guaranteed date:   We will carry out all guaranteed training regardless of the number of attendees, exempt from force majeure or other unexpected events, like e.g. accidents or illness of the trainer, which prevent the course from being conducted.
This class will become guaranteed to run with one more student registration.
Instructor-led Online Training:   This computer icon in the schedule indicates that this date/time will be conducted as Instructor-Led Online Training. If you have any questions about our online courses, feel free to contact us via phone or Email anytime.

United States

 Guaranteed to Run Online Training 09:00 Central Daylight Time (CDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Guaranteed to Run Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Central Standard Time (CST) Enroll
Guaranteed to Run Online Training 09:00 Eastern Standard Time (EST) Enroll
Online Training Time zone: Eastern Standard Time (EST) Enroll

Canada

 Guaranteed to Run Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Guaranteed to Run Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Eastern Daylight Time (EDT) Enroll
Online Training Time zone: Central Standard Time (CST) Enroll
Guaranteed to Run Online Training 09:00 Eastern Standard Time (EST) Enroll
Online Training Time zone: Eastern Standard Time (EST) Enroll