When will I have access to the lectures and assignments?

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

What will I get if I subscribe to this Specialization?

When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Is financial aid available?

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

Splunk Search Expert 103

Splunk Search Expert 103

This course is part of Splunk Search Expert Specialization

Instructor: Splunk Instructor

3,235 already enrolled

Included with

Learn more

4 modules

Gain insight into a topic and learn the fundamentals.

52 reviews

Beginner level

No prior experience required

5 hours to complete

Flexible schedule

Learn at your own pace

4 modules

Gain insight into a topic and learn the fundamentals.

52 reviews

Beginner level

No prior experience required

5 hours to complete

Flexible schedule

Learn at your own pace

What you'll learn

Use specific commands to calculate co-occurrence between fields and analyze data from multiple datasets.
Understand how components of a search are broken down and processed across the Splunk data pipeline and how to troubleshoot searches.
Manipulate, evaluate, and analyze multivalue data and create multivalue fields in search with multivalue eval commands and functions.
Improve search performance by understanding search best practices, accelerating repots and data models to optimize frequently accessed data.

Skills you'll gain

Tools you'll learn

Splunk

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

4 assignments

Taught in English

91% of learners achieved a positive career outcome

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your subject-matter expertise

This course is part of the Splunk Search Expert Specialization

When you enroll in this course, you'll also be enrolled in this Specialization.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate

There are 4 modules in this course

In this course, you will learn how to calculate co-occurrence between fields and analyze data from multiple datasets, increase your knowledge of searching and learn how to work with multivalue data. In addition, you will learn tips and tricks to improve search performance using accelerations.

Module details

This module is for users who want to learn how to calculate co-occurrence between fields and analyze data from multiple datasets. Topics will focus on the transaction, append, appendcols, union, and join commands.

What's included

10 videos2 readings1 assignment

10 videosTotal 52 minutes

Understanding Transactions2 minutes
Transaction Command8 minutes
Working with Transactions10 minutes
Complete and Incomplete Transactions7 minutes
Optimizing Transactions4 minutes
Introduction to Subsearch10 minutes
Append Command4 minutes
Appendcols Command2 minutes
Join Command3 minutes
Union Command3 minutes

2 readingsTotal 10 minutes

Learning Objectives5 minutes
Lesson Notes5 minutes

1 assignmentTotal 5 minutes

Correlation Analysis5 minutes

This eLearning module gives students additional insight into how Splunk processes searches. Students will learn about Splunk architecture, how components of a search are broken down and distributed across the pipeline, and how to troubleshoot searches when results are not returning as expected.

What's included

9 videos2 readings1 assignment

9 videosTotal 48 minutes

Introduction0 minutes
Using the Search Job Inspector8 minutes
SPL Commenting4 minutes
Splunk Architecture6 minutes
Streaming vs. Non-Streaming Commands4 minutes
Breakers and Segmentation10 minutes
Makeresults Command4 minutes
Fieldsummary Command8 minutes
Informational Functions4 minutes

2 readingsTotal 10 minutes

Learning Objectives5 minutes
Lesson Notes5 minutes

1 assignmentTotal 5 minutes

Search Under the Hood5 minutes

This module is for users who want to become experts on searching and manipulating multivalue data. Topics will focus on using multivalue eval functions and multivalue commands to create, evaluate, and analyze multivalue data.

What's included

20 videos2 readings1 assignment

20 videosTotal 67 minutes

Introduction0 minutes
What are multivalue fields?8 minutes
Spath Command14 minutes
Spath Function1 minute
Multikv Command5 minutes
List Function2 minutes
Values Function1 minute
Transaction Command2 minutes
Creating Multivalue Fields1 minute
Split Function3 minutes
Makemv Command5 minutes
Evaluating Multivalue Fields3 minutes
Mvindex Function4 minutes
Mvfilter Function2 minutes
Manipulating Multivalue Data3 minutes
Mvzip Function4 minutes
Mvjoin Function1 minute
Mvmap Function1 minute
Mvappend Function3 minutes
Mvexpand Command3 minutes

2 readingsTotal 10 minutes

Learning Objectives5 minutes
Lesson Notes5 minutes

1 assignmentTotal 5 minutes

New Quiz5 minutes

This module is for users who want to improve search performance. Topics will cover how search modes affect performance, how to create an efficient basic search, how to accelerate reports and data models, and how to use the tstats command to quickly query data.