Scheduling Reports & Alerts

 

Prerequisites

Recommended:

  • Intro to Splunk eLearning module
  • Intro to Knowledge Objects eLearning module

Course Objectives

  • Creating and managing Scheduled Reports
  • Creating and managing Alerts
  • Using Alert Actions

Product Description

This eLearning module teaches students how to use scheduled reports and alerts to automate processes in their organization. Students will create, manage, and schedule reports and alerts, and use alert actions to further respond to incidents as they occur. This module will take roughly three hours to complete.

This eLearning module is available with or without a lab. If a student opts to take it without a lab, the eLearning is free.

Outline

Topic 1

  • Create a report
  • Schedule a report
  • Define a report's time range
  • Define schedule priority
  • Define schedule window
  • Add a trigger condition

Topic 2

  • View report settings
  • Edit report permissions
  • Enable report embedding

Topic 3

  • Save a search as an alert
  • Define alert permissions
  • Understand scheduled and real-time alert types
  • Define alert trigger conditions

Topic 4

  • Define actions that respond to trigger conditions
  • Write results to a log event
  • Output results to a lookup
  • Output results to a telemetry endpoint
  • Send an email containing search results
  • Set up a webhook alert action

Topic 5

  • View alert settings
  • Edit alert permissions