Detailed Course Outline
Module 1 – Searching with Time
- Understand the _time field and timestamps
- View and interact with the Event Timeline
- Use the earliest and latest time modifiers
- Use the bin command with the _time field
Module 2 – Formatting Time
- Use various date and time eval functions to format time
Module 3 – Using Time Commands
- Use the timechart command
- Use the timewrap command
Module 4 – Working with Time Zones
- Understand how time and time zones are represented in your data
- Determine the time zone of your server
- Use strftime to correct time zones in results