Course Overview
The course provides the fundamental knowledge of Splunk license manager, indexers and search heads. It covers configuration, management, and monitoring core Splunk Enterprise components.
Course Objectives
Splunk Deployment Overview
License Management
Splunk Apps
Splunk Configuration Files
Users, Roles, and Authentication
Getting Data In
Distributed Search
Who Should Attend?
This 9-hour virtual course is designed for system administrators who are responsible for managing the Splunk Enterprise environment.
- Top-rated instructors: Our crew of subject matter experts have an average instructor rating of 4.8 out of 5 across thousands of reviews.
- Authorized content: We maintain more than 35 Authorized Training Partnerships with the top players in tech, ensuring your course materials contain the most relevant and up-to date information.
- Interactive classroom participation: Our virtual training includes live lectures, demonstrations and virtual labs that allow you to participate in discussions with your instructor and fellow classmates to get real-time feedback.
- Post Class Resources: Review your class content, catch up on any material you may have missed or perfect your new skills with access to resources after your course is complete.
- Private Group Training: Let our world-class instructors deliver exclusive training courses just for your employees. Our private group training is designed to promote your team’s shared growth and skill development.
- Tailored Training Solutions: Our subject matter experts can customize the class to specifically address the unique goals of your team.
Course Prerequisites
There are no prerequisites for this course.
Agenda
1 - Splunk Server Deployment
- Provide an overview of Splunk
- Identify Splunk Enterprise components
- Identify the types of Splunk deployments
- List the steps to install Splunk
- Use Splunk CLI commands
2 - Splunk Server Monitoring
- Enable the Monitoring Console (MC)
- Identify Splunk license types
- Describe license violations
- Add and remove licenses
- Use Splunk Diag
3 - Splunk Apps
- Describe Splunk apps and add-ons
- Install an app on a Splunk instance
- Manage app accessibility and permissions
4 - Splunk Configuration Files
- Describe Splunk configuration directory structure
- Understand configuration layering process
- Use btool to examine configuration settings
5 - Splunk Indexes
- Learn how Splunk indexes function
- Identify the types of index buckets
- Add and work with indexes
- Overview of metrics index
6 - Splunk Index Management
- Review Splunk Index Management basics
- Identify data retention recommendations
- Identify backup recommendations
- Move and delete index data
- Describe the use of the Fishbucket
- Restore a frozen bucket
7 - Splunk User Management
- Add Splunk users using native authentication
- Describe user roles in Splunk
- Create a custom role
- Manage users in Splunk
8 - Configuring Basic Forwarding
- Identify forwarder configuration steps
- Configure a Universal Forwarder
- Understand the Deployment Server
9 - Distributed Search
- Describe how distributed search works
- Define the roles of the search head and search peers