sourcetype-fields

Community

Understand your Splunk data fields.

Author: lyderhansen
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

This Skill provides a comprehensive reference for all fields across various sourcetypes within the fake_tshrt Splunk index, enabling users to effectively query and analyze the data.

Core Features & Use Cases

  • Field Inventory: Detailed listing of fields for each sourcetype, including data type, distinct values, and common values.
  • Data Model Understanding: Helps users grasp the structure and content of the synthetic data generated by The Fake T-Shirt Company.
  • SPL Query Optimization: Essential for writing accurate and efficient Splunk Processing Language (SPL) queries, building dashboards, and troubleshooting data issues.
  • Use Case: When investigating a network security event, quickly look up the available fields for FAKE:cisco:asa to identify source IP, destination port, and action taken.

Quick Start

Provide a detailed field breakdown for the FAKE:azure:aad:signin sourcetype.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: sourcetype-fields
Download link: https://github.com/lyderhansen/The-Fake-T-Shirt-Company/archive/main.zip#sourcetype-fields

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.