Splunk 8.0.1 Cluster Administration

Upcoming Classes

Online

Instructor-led online training

Location	May 2020	Jun 2020	Jul 2020	Aug 2020	Sep 2020	Oct 2020	Nov 2020
AMER Pacific Time - Virtual		Jun 3 – Jun 5
AMER Eastern Time - Virtual		Jun 3 – Jun 5

Summary

This 3-virtual day course is for an experienced Splunk Enterprise administrator who is new to Splunk Clusters. The course provides the fundamental knowledge of deploying and managing Splunk Enterprise in a clustered environment. It covers installation, configuration, management, and monitoring of Splunk clusters. While Splunk Clusters are supported in Windows environments, the class lab environment is running Linux instances only.

Description

Large-scale Splunk Deployment Overview
Single-site Indexer Cluster
Indexer Cluster Management and Administration
Forwarder Configuration
Search Head Cluster
Search Head Cluster Management and Administration
KV Store Collection and Lookup Management
SmartStore Implementation Overview

Duration

3 Days

Objectives

Module 1 – Large-scale Splunk Deployment Overview

Factors that affecting deployment design
How Splunk Enterprise can scale
Splunk License Master

Module 2 – Single-site Indexer Cluster

How Splunk single-site indexer clusters work
Indexer cluster components and terms
Splunk single-site indexer cluster configuration
Splunk indexer cluster log channels

Module 3 – Multisite Indexer Cluster

How Splunk multisite indexer clusters work
Multisite indexer cluster terms
Multisite indexer cluster configuration
Optional multisite indexer cluster configurations

Module 4 – Indexer Cluster Management and Administration

Peer offline and decommission
Master app bundles
Indexer cluster storage utilization options
Site mapping
Monitoring Console for indexer cluster environment

Module 5 – Forwarder Management

Indexer discovery
Optional indexer discovery configurations
Volumne-based forwarder load balancing

Module 6 – Search Head Cluster

Splunk search head cluster overview
Search head cluster configuration

Module 7 – Search Head Cluster Management and Administration

Search head cluster deployer
Captaincy transfer
Search head member addition and decommissioning
Monitoring Console for Search Head Cluster

Module 8 – KV Store Collection and Lookup Management

KV Store collection in Splunk clusters
KV Store monitoring with Monitoring Console

Module 9 – SmartStore Implementation

SmartStore architecture overview
Deploy and manage SmartStore

Prerequisites

Required:

Splunk Enterprise System Administration
Splunk Enterprise Data Administration

Strongly Recommended:

Troubleshooting Splunk Enterprise
Architecting Splunk Enterprise Deployments
Working Linux knowledge
3 months of hands-on Splunk administration experience

Public Training

AMER Pacific Time - Virtual

Jun 3 – Jun 5

$ 1500.00 USD

AMER Eastern Time - Virtual

Jun 3 – Jun 5

$ 1500.00 USD

Don't see a date that works for you?

Request Class

Splunk 8.0.1 Cluster Administration

Splunk 8.0.1 Cluster Administration