Splunk 8.2 Cluster Administration

Upcoming Classes

Online

Instructor-led online training

Location	Dec 2022	Jan 2023	Feb 2023	Mar 2023	Apr 2023	May 2023
EMEA UK Time - Virtual	Dec 7 – Dec 9	Jan 11 – Jan 13 Jan 18 – Jan 20 Jan 25 – Jan 27	Feb 1 – Feb 3 Feb 8 – Feb 10 Feb 15 – Feb 17 Feb 22 – Feb 24	Mar 8 – Mar 10 Mar 15 – Mar 17 Mar 22 – Mar 24 Mar 29 – Mar 31	Apr 3 – Apr 5 Apr 19 – Apr 21 Apr 26 – Apr 28
AMER Eastern Time - Virtual	Dec 7 – Dec 9 Dec 14 – Dec 16	Jan 4 – Jan 6 Jan 11 – Jan 13 Jan 25 – Jan 27	Feb 1 – Feb 3 Feb 8 – Feb 10 Feb 15 – Feb 17 Feb 22 – Feb 24	Mar 1 – Mar 3 Mar 8 – Mar 10 Mar 15 – Mar 17 Mar 22 – Mar 24 Mar 29 – Mar 31	Apr 5 – Apr 7 Apr 12 – Apr 14 Apr 19 – Apr 21 Apr 26 – Apr 28
AMER Pacific Time - Virtual	Dec 14 – Dec 16	Jan 11 – Jan 13 Jan 25 – Jan 27	Feb 1 – Feb 3 Feb 15 – Feb 17	Mar 1 – Mar 3 Mar 15 – Mar 17 Mar 29 – Mar 31	Apr 12 – Apr 14 Apr 26 – Apr 28
APAC Singapore - Virtual		Jan 4 – Jan 6 Jan 23 – Jan 25	Feb 13 – Feb 15	Mar 6 – Mar 8 Mar 27 – Mar 29	Apr 17 – Apr 19	May 8 – May 10

Summary

This 3-virtual day course is for an experienced Splunk Enterprise administrator who is new to Splunk Clusters. The course provides the fundamental knowledge of deploying and managing Splunk Enterprise in a clustered environment. It covers installation, configuration, management, and monitoring of Splunk clusters. While Splunk Clusters are supported in Windows environments, the class lab environment is running Linux instances only.

Description

Large-scale Splunk Deployment Overview
Single-site Indexer Cluster
Indexer Cluster Management and Administration
Forwarder Configuration
Search Head Cluster
Search Head Cluster Management and Administration
KV Store Collection and Lookup Management
SmartStore Implementation Overview

Duration

3 Days

Objectives

Module 1 – Large-scale Splunk Deployment Overview

Factors that affecting deployment design
How Splunk Enterprise can scale
Splunk License Master

Module 2 – Single-site Indexer Cluster

How Splunk single-site indexer clusters work
Indexer cluster components and terms
Splunk single-site indexer cluster configuration
Splunk indexer cluster log channels

Module 3 – Multisite Indexer Cluster

How Splunk multisite indexer clusters work
Multisite indexer cluster terms
Multisite indexer cluster configuration
Optional multisite indexer cluster configurations

Module 4 – Indexer Cluster Management and Administration

Peer offline and decommission
Master app bundles
Indexer cluster storage utilization options
Site mapping
Monitoring Console for indexer cluster environment

Module 5 – Forwarder Management

Indexer discovery
Optional indexer discovery configurations
Volume-based forwarder load balancing

Module 6 – Search Head Cluster

Splunk search head cluster overview
Search head cluster configuration

Module 7 – Search Head Cluster Management and Administration

Search head cluster deployer
Captaincy transfer
Search head member addition and decommissioning
Monitoring Console for Search Head Cluster

Module 8 – KV Store Collection and Lookup Management

KV Store collection in Splunk clusters
KV Store monitoring with Monitoring Console

Module 9 – SmartStore Implementation

SmartStore architecture overview
Deploy and manage SmartStore

Prerequisites

To be successful, students should have a solid understanding of the following courses:

Splunk Fundamentals 1
Splunk Fundamentals 2

OR the following single-subject courses:

What Is Splunk?
Intro to Splunk
Using Fields
Scheduling Reports and Alerts
Visualizations
Leveraging Lookups and Subsearches
Search Under the Hood
Introduction to Knowledge Objects
Creating Knowledge Objects
Enriching Data with Lookups
Data Models
Introduction to Dashboards

Students should also have completed the following courses:

Splunk System Administration
Splunk Data Administration
Troubleshooting Splunk Enterprise

Public Training

EMEA UK Time - Virtual

Dec 7 – Dec 9

$ 1500.00 USD
Jan 11 – Jan 13

$ 1500.00 USD
Jan 18 – Jan 20

$ 1500.00 USD
Jan 25 – Jan 27

$ 1500.00 USD
Feb 1 – Feb 3

$ 1500.00 USD
Feb 8 – Feb 10

$ 1500.00 USD
Feb 15 – Feb 17

$ 1500.00 USD
Feb 22 – Feb 24

$ 1500.00 USD
Mar 8 – Mar 10

$ 1500.00 USD
Mar 15 – Mar 17

$ 1500.00 USD
Mar 22 – Mar 24

$ 1500.00 USD
Mar 29 – Mar 31

$ 1500.00 USD
Apr 3 – Apr 5

$ 1500.00 USD
Apr 19 – Apr 21

$ 1500.00 USD
Apr 26 – Apr 28

$ 1500.00 USD

AMER Eastern Time - Virtual

Dec 7 – Dec 9

$ 1500.00 USD
Dec 14 – Dec 16

$ 1500.00 USD
Jan 4 – Jan 6

$ 1500.00 USD
Jan 11 – Jan 13

$ 1500.00 USD
Jan 25 – Jan 27

$ 1500.00 USD
Feb 1 – Feb 3

$ 1500.00 USD
Feb 8 – Feb 10

$ 1500.00 USD
Feb 15 – Feb 17

$ 1500.00 USD
Feb 22 – Feb 24

$ 1500.00 USD
Mar 1 – Mar 3

$ 1500.00 USD
Mar 8 – Mar 10

$ 1500.00 USD
Mar 15 – Mar 17

$ 1500.00 USD
Mar 22 – Mar 24

$ 1500.00 USD
Mar 29 – Mar 31

$ 1500.00 USD
Apr 5 – Apr 7

$ 1500.00 USD
Apr 12 – Apr 14

$ 1500.00 USD
Apr 19 – Apr 21

$ 1500.00 USD
Apr 26 – Apr 28

$ 1500.00 USD

AMER Pacific Time - Virtual

Dec 14 – Dec 16

$ 1500.00 USD
Jan 11 – Jan 13

$ 1500.00 USD
Jan 25 – Jan 27

$ 1500.00 USD
Feb 1 – Feb 3

$ 1500.00 USD
Feb 15 – Feb 17

$ 1500.00 USD
Mar 1 – Mar 3

$ 1500.00 USD
Mar 15 – Mar 17

$ 1500.00 USD
Mar 29 – Mar 31

$ 1500.00 USD
Apr 12 – Apr 14

$ 1500.00 USD
Apr 26 – Apr 28

$ 1500.00 USD

APAC Singapore - Virtual

Jan 4 – Jan 6

$ 1500.00 USD
Jan 23 – Jan 25

$ 1500.00 USD
Feb 13 – Feb 15

$ 1500.00 USD
Mar 6 – Mar 8

$ 1500.00 USD
Mar 27 – Mar 29

$ 1500.00 USD
Apr 17 – Apr 19

$ 1500.00 USD
May 8 – May 10

$ 1500.00 USD

Don't see a date that works for you?

Request Class

Splunk 8.2 Cluster Administration

Splunk 8.2 Cluster Administration