Splunk 8.2 Cluster Administration

Splunk 8.2 Cluster Administration

Splunk 8.2 Cluster Administration

Upcoming Classes

Online

Instructor-led online training

Location Jan 2022 Feb 2022 Mar 2022 Apr 2022 May 2022 Jun 2022 Jul 2022
EMEA UK Time - Virtual Jan 26 – Jan 28
 Feb 2 – Feb 4
Feb 14 – Feb 16
Feb 23 – Feb 25
 Mar 7 – Mar 9
Mar 21 – Mar 23
 Apr 4 – Apr 6
Apr 20 – Apr 22
Apr 27 – Apr 29
APAC Singapore - Virtual Feb 16 – Feb 18
 Mar 16 – Mar 18
 Apr 18 – Apr 20
AMER Eastern Time - Virtual Feb 16 – Feb 18
 Mar 2 – Mar 4
Mar 9 – Mar 11
Mar 21 – Mar 23
Mar 30 – Apr 1
 Apr 13 – Apr 15
Apr 20 – Apr 22
APAC Sydney - Virtual Feb 16 – Feb 18
AMER Pacific Time - Virtual Feb 21 – Feb 23
 Mar 16 – Mar 18
 Apr 6 – Apr 8
Apr 27 – Apr 29

Summary

This 3-virtual day course is for an experienced Splunk Enterprise administrator who is new to Splunk Clusters. The course provides the fundamental knowledge of deploying and managing Splunk Enterprise in a clustered environment. It covers installation, configuration, management, and monitoring of Splunk clusters. While Splunk Clusters are supported in Windows environments, the class lab environment is running Linux instances only.

Description

  • Large-scale Splunk Deployment Overview
  • Single-site Indexer Cluster
  • Indexer Cluster Management and Administration
  • Forwarder Configuration
  • Search Head Cluster
  • Search Head Cluster Management and Administration
  • KV Store Collection and Lookup Management
  • SmartStore Implementation Overview

Duration

3 Days

Objectives

Module 1 – Large-scale Splunk Deployment Overview

  • Factors that affecting deployment design
  • How Splunk Enterprise can scale
  • Splunk License Master

Module 2 – Single-site Indexer Cluster

  • How Splunk single-site indexer clusters work
  • Indexer cluster components and terms
  • Splunk single-site indexer cluster configuration
  • Splunk indexer cluster log channels

Module 3 – Multisite Indexer Cluster

  • How Splunk multisite indexer clusters work
  • Multisite indexer cluster terms
  • Multisite indexer cluster configuration
  • Optional multisite indexer cluster configurations

Module 4 – Indexer Cluster Management and Administration

  • Peer offline and decommission
  • Master app bundles
  • Indexer cluster storage utilization options
  • Site mapping
  • Monitoring Console for indexer cluster environment

Module 5 – Forwarder Management

  • Indexer discovery
  • Optional indexer discovery configurations
  • Volume-based forwarder load balancing

Module 6 – Search Head Cluster

  • Splunk search head cluster overview
  • Search head cluster configuration

Module 7 – Search Head Cluster Management and Administration

  • Search head cluster deployer
  • Captaincy transfer
  • Search head member addition and decommissioning
  • Monitoring Console for Search Head Cluster

Module 8 – KV Store Collection and Lookup Management

  • KV Store collection in Splunk clusters
  • KV Store monitoring with Monitoring Console

Module 9 – SmartStore Implementation

  • SmartStore architecture overview
  • Deploy and manage SmartStore

Prerequisites

To be successful, students should have a solid understanding of the following courses:
  • Splunk Fundamentals 1
  • Splunk Fundamentals 2
OR the following single-subject courses:
  • What Is Splunk?
  • Intro to Splunk
  • Using Fields
  • Scheduling Reports and Alerts
  • Visualizations
  • Leveraging Lookups and Subsearches
  • Search Under the Hood
  • Introduction to Knowledge Objects
  • Creating Knowledge Objects
  • Enriching Data with Lookups
  • Data Models
  • Introduction to Dashboards
Students should also have completed the following courses:
  • Splunk System Administration
  • Splunk Data Administration
  • Troubleshooting Splunk Enterprise

Onsite Training

For groups of three or more

Request Quote

Public Training

EMEA UK Time - Virtual

APAC Singapore - Virtual

AMER Eastern Time - Virtual

APAC Sydney - Virtual

AMER Pacific Time - Virtual


Don't see a date that works for you?

Request Class

© 2005- Splunk Inc. All rights reserved.
Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © Splunk Inc. All rights reserved.