Using Splunk Log Observer Connect (USLO) – Outline

Detailed Course Outline

Module 1 – Explore Splunk Log Observer Connect

  • Determine how to navigate between types of telemetry data
  • Define the term "no-code search"
  • Describe some use cases for Log Observer Connect

Module 2 – Log Observer Connect Basics

  • View trends in logs over time
  • Use an aggregation function to summarize log data
  • Browse fields and top values for logs
  • Create a set of filters from field data
  • Save filter sets
  • Change the time range for logs displayed
  • Describe the relationship between the four parts of the user interface

Module 3 – Advanced Searching

  • Add multiple search filters using field values and keywords
  • Create and tag Saved Queries
  • Create log views
  • Create visualizations from aggregate log data
  • Save logs to dashboards
  • Segment visualization using Group by
  • Restrict time windows for viewing log data in various ways

Module 4 – Set up Log Observer Connect

  • Get data from the Splunk platform
  • Explain field types in Log Observer Connect
  • Name some of the ways that log data is enriched
  • Differentiate between log messages and metadata