Product Description
This eLearning module teaches students how to use scheduled reports and alerts to automate processes in their organization. Students will create, manage, and schedule reports and alerts, and use alert actions to further respond to incidents as they occur. This module will take roughly three hours to complete.
This eLearning module is available with or without a lab. If a student opts to take it without a lab, the eLearning is free.
Prerequisites
Recommended:
- Intro to Splunk eLearning module
- Intro to Knowledge Objects eLearning module
Course Objectives
- Creating and managing Scheduled Reports
- Creating and managing Alerts
- Using Alert Actions
Outline
Topic 1
- Create a report
- Schedule a report
- Define a report's time range
- Define schedule priority
- Define schedule window
- Add a trigger condition
Topic 2
- View report settings
- Edit report permissions
- Enable report embedding
Topic 3
- Save a search as an alert
- Define alert permissions
- Understand scheduled and real-time alert types
- Define alert trigger conditions
Topic 4
- Define actions that respond to trigger conditions
- Write results to a log event
- Output results to a lookup
- Output results to a telemetry endpoint
- Send an email containing search results
- Set up a webhook alert action
Topic 5
- View alert settings
- Edit alert permissions