Join us at hack.lu 2025 - Info & Registration
Duration: 120 min
Type: Training
Speakers: David Durvaux, Christophe Vandeplas
Abstract
This is the second part, or deep dive, of the Sysdiagnose Analysis Framework Workshop.
We will continue with the topics discussed in the first workshop, but here the focus is on diving DEEP into much of the data that is present in the sysdiagnose archive.
Please ONLY attend this workshop if you attended the previous year's session or the beginners session, or have already used the sysdiagnose analysis framework before.
Description
We will get our hands dirty and dive deeper into advanced Splunk queries, digging into the data to better understand what is in the Sysdiagnose archive.
We will also develop a parser and/or analyser for the sysdiagnose analysis framework.
Prerequisites for attending the workshop are:
- Having downloaded the workshop material beforehand, prepared the Splunk docker, and set up a Python development environment.
- Solid experience with Splunk Query Language
- Solid experience with grep, sed, awk and jq (or their alternatives)
- Experience with development in Python
- Familiarity with the sysdiagnose analysis framework