Introduction to Knowledge objects These are tools you use to discover and analyze various aspects of your data * Data Interpretation – Fields and field extractions * Data Classification – Event types * Data Enrichment[…]

Introduction to Transactions A transaction is a group of related events that span time. Events can come from multiple applications or hots. For example, One email message can create multiple events as it travels through[…]

Introduction to Eval Commands The eval commands are great to perform calculations, convert values, road values, format values and even use conditional statements. It is recommended to use search and were commands to filter calculated[…]

Visualizations When a search returns statistical values, the results can be viewed with different visualization types, some of the Visualization types: Statistical Values Charts: Line, column, pie Single Value Visualizations Maps Charts – Line Chart[…]

SO we got to this point, looking at the Fundamentals 2 section of my training. This training builds on the Fundamentals 1 course. Which is pretty much all tools you can use for searching and[…]

Fields are searchable key/value pairs in your event data Fields can be searched by their name, for example: area_code=404 action=purchase status=200 When you look for multiple items in the editor an implied AND will be[…]

Every search is also a job, which can be paused, stopped, saved and exported. Here are some interesting things you need to know about Search jobs: Jobs are available for 10 Minutes (By Default) Jobs[…]

Basic search The search assistant provides a nice way to begin looking up for something in particular. At this stage, you can determine a few different search criteria, such as a term in particular or[…]