Splunk Enterprise 8.0 System Administration

Splunk Enterprise 8.0 System Administration

Splunk Enterprise 8.0 System Administration

Upcoming Classes

Online

Instructor-led online training

Location Jul 2020 Aug 2020 Sep 2020 Oct 2020 Nov 2020 Dec 2020 Jan 2021
AMER Pacific Time - Virtual Jul 20 – Jul 21
Jul 27 – Jul 28
 Aug 3 – Aug 4
Aug 3 – Aug 4
Aug 10 – Aug 11
Aug 17 – Aug 18
Aug 17 – Aug 18
Aug 24 – Aug 25
Aug 31 – Sep 1
Aug 31 – Sep 1
 Sep 8 – Sep 9
Sep 14 – Sep 15
Sep 14 – Sep 15
Sep 21 – Sep 22
Sep 28 – Sep 29
Sep 28 – Sep 29
 Oct 5 – Oct 6
Oct 12 – Oct 13
Oct 26 – Oct 27
EMEA UK Time - Virtual Jul 27 – Jul 28
 Aug 3 – Aug 4
Aug 3 – Aug 4
Aug 10 – Aug 11
Aug 10 – Aug 11
Aug 17 – Aug 18
Aug 17 – Aug 18
Aug 24 – Aug 25
Aug 24 – Aug 25
Aug 31 – Sep 1
Aug 31 – Sep 1
 Sep 7 – Sep 8
Sep 14 – Sep 15
Sep 14 – Sep 15
Sep 21 – Sep 22
Sep 21 – Sep 22
Sep 28 – Sep 29
 Oct 5 – Oct 6
Oct 12 – Oct 13
Oct 12 – Oct 13
Oct 26 – Oct 27
AMER Eastern Time - Virtual Aug 3 – Aug 4
Aug 3 – Aug 4
Aug 10 – Aug 11
Aug 17 – Aug 18
Aug 17 – Aug 18
Aug 24 – Aug 25
Aug 31 – Sep 1
Aug 31 – Sep 1
 Sep 8 – Sep 9
Sep 14 – Sep 15
Sep 14 – Sep 15
Sep 21 – Sep 22
Sep 28 – Sep 29
Sep 28 – Sep 29
 Oct 5 – Oct 6
Oct 12 – Oct 13
Oct 12 – Oct 13
Oct 12 – Oct 13
Oct 26 – Oct 27
AMER Brazil Time - Virtual Aug 10 – Aug 11
Ingeniq Aug 10 – Aug 11
 Sep 14 – Sep 15
APAC Singapore - Virtual Aug 17 – Aug 18
Aug 31 – Sep 1
 Sep 14 – Sep 15
Sep 14 – Sep 15
 Oct 5 – Oct 6
Oct 26 – Oct 27
AMER Central Time - Virtual Aug 31 – Sep 1

Summary

This 2 virtual day course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides the fundamental knowledge of Splunk license manager, indexers and search heads. It covers configuration, management, and monitoring core Splunk Enterprise components.

Description

  • Splunk Deployment Overview
  • License Management
  • Splunk Apps
  • Splunk Configuration Files
  • Users, Roles, and Authentication
  • Getting Data In
  • Distributed Search

Duration

2 Days

Objectives

Module 1 - Splunk Deployment Overview

  • Provide an overview of Splunk
  • Identify Splunk components
  • Identify Splunk system administrator role
  • Identify Splunk installation steps
  • Use SplunkCLI
  • Enable the Monitoring Console (MC)

Module 2 - License Management

  • Identify license types
  • Describe license violations
  • Add and remove licenses

Module 3 - Splunk Apps

  • Describe Splunk apps and add-ons
  • Install an app on a Splunk instance
  • Manage app accessibility and permissions

Module 4 - Splunk Configuration Files

  • Describe Splunk configuration directory structure
  • Understand configuration layering process
  • Use btool to examine configuration settings

Module 5 - Splunk Indexes

  • Learn how Splunk indexes function
  • Identify the types of index buckets
  • Create new indexes
  • Identify the advantage of using multiple indexes
  • Monitor indexes with Monitoring Console

Module 6 - Splunk Index Management

  • Manage indexes with Splunk web
  • Describe indexes.conf attributes and stanzas
  • Customize index retention policies
  • Delete events from an index
  • Restore frozen buckets

Module 7 - Splunk User Management

  • Add Splunk users using native authentication
  • Describe user roles in Splunk
  • Create a custom role
  • Splunk authentication options

Module 8 - Configuring Basic Forwarding

  • Identify forwarder configuration steps
  • List Splunk forwarder types
  • Configure the forwarder
  • Identify forwarder configuration files

Module 9 - Distributed Search and Splunk Diag

  • Describe how distributed search works
  • Explain the roles of the search head and search peers
  • List search head scaling options
  • Describe a Splunk diag
  • Generate a Splunk diag

 

Prerequisites

Required:

  • Splunk Fundamentals 1
  • Splunk Fundamentals 2

 

Onsite Training

For groups of three or more

Request Quote

Public Training

AMER Pacific Time - Virtual

EMEA UK Time - Virtual

AMER Eastern Time - Virtual

AMER Brazil Time - Virtual

Ingeniq

APAC Singapore - Virtual

AMER Central Time - Virtual


Don't see a date that works for you?

Request Class

© 2005- Splunk Inc. All rights reserved.
Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © Splunk Inc. All rights reserved.