• Introduction to Splunk DSP
• Deploying a DSP cluster
• Configuring SplunkSources and Sinks
• Building Pipelines - Basics
• Building Pipelines - Intermediate
• Building Pipelines - Advanced
• Working with 3rd-party Sources and Sinks
• Working with Metrics and Traces
• Streaming ML Plugin
• Monitoring DSP Environment
  

Module 1 – Introduction to DSP

• Review Splunk deployment options and challenges
• Describe the purpose and value of Splunk DSP
• Define DSP concepts and terminologies

Module 2 – Deploying a DSP Cluster

• List DSP core components and system requirements
• Describe installation options and steps
• Check DSP service status
• Learn to navigate in DSP UI
• Use scloud

Module 3 – Prepping Sources and Sinks

• Ingest data with DSP REST API service
• Configure DSP source connections for Splunk data
• Configure DSP sink connections for Splunk indexers
• Create Splunk-to Splunk pass-through pipelines

Module 4 – Building Pipelines - Basic

• Describe the basic elements of a DSP pipeline
• Create data pipelines with the DSP canvas and SPL2
• List DSP pipeline commands
• Use scalar functions to convert data types and schema
• Filter and route data to multiple sinks

Module 5 – Building Pipelines - Intermediate

• Manipulate pipeline options:
• Extract
• Transform
• Obfuscate
• Reduce payload

Module 6 – Building Pipelines - Advanced

• Review Splunk lookups
• Enrich data with DSP lookups
• Populate KV Store lookups from DSP streams
• Manipulate pipeline options
• Aggregate
• Conditional trigger
• Introduce the DSP Plugins SDK

Module 7 – Working with 3rd party Sources and Sinks

• Read from and write data to pub-sub systems like Kafka
• List sources supported with the collect service
• Transform data from Kafka and normalize
• Write to S3

Module 8 – Working with Metrics and Traces

• Onboard observability data (log, metric, and trace) into DSP
• Transform metric data for Splunk indexers and Splunk SignalFx
• Transform trace data for Splunk Infrastructure Monitoring
• Route metric data to Splunk indexers and SignalFx
• Send trace data to Splunk SignalFx

Module 9 – Streaming ML Plugin

• Describe the advantage of using DSP Streaming ML plugin
• Enable the Streaming ML plugin in DSP
• List the DSP Streaming ML functions
• Practice DSP ML algorithms with the ML datagen

Module 10 – Monitoring DSP Environment

• Back up DSP pipelines
• Monitor DSP environment
• Describe steps to isolate DSP service issues
• Scale DSP
• Replace DSP master node
• Upgrade DSP cluster

Required:

• Splunk Enterprise System Administration
• Splunk Enterprise Data Administration

Recommended:

• Architecting Splunk Enterprise Deployments

Nice to have:

• Working knowledge of open source projects:
• Apache Kafka (user level)
• Apache Flink (user level)
• Kubernetes (admin level)