I have a technical and mainly a security/SIEM background, so I have no issues with understanding the SPL language in general, the administration, etc. I do, however, fall flat on my face whenever I want to do anything more advanced with the SPL language and statistics.
This SplunkConf talk for example talks about actionable alerting https://conf.splunk.com/files/2016/slides/writing-actionable-alerts.pdf
and in the last slides talks about Nth percentage, proper time groups, outliers, etc. It sounds great, but I'm a techie, not a statistician or data scientist, so my queries simply don't work as they should, as I fail to understand the concepts, I think. Splunk documentation is more about explaining the command or argument, but not the concept as a whole.
I'm guessing other people must have had the same issues with this. Do you know of any materials that get my knowledge up a little bit, especially in relation to Splunk? I have looked around the Answers forum and other sites but did not see much that would help me. I don't feel like going into a full-blown statistics course would be the proper thing to do for the somewhat more advanced queries I want to write.
Any advice?