Splunk Enterprise 8.1 System Administration
Upcoming Classes
Online
Instructor-led online training
Australia
Location | Jan 2021 | Feb 2021 | Mar 2021 | Apr 2021 | May 2021 | Jun 2021 | Jul 2021 |
---|---|---|---|---|---|---|---|
Ingeniq - Online |
Feb 15 – Feb 16 |
Mar 15 – Mar 16 |
Japan
Location | Jan 2021 | Feb 2021 | Mar 2021 | Apr 2021 | May 2021 | Jun 2021 | Jul 2021 |
---|---|---|---|---|---|---|---|
Japan Third Party Co.,Ltd. |
Feb 15 – Feb 16 |
Apr 19 – Apr 20 |
Jun 21 – Jun 22 |
Summary
This 2 virtual day course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides the fundamental knowledge of Splunk license manager, indexers and search heads. It covers configuration, management, and monitoring core Splunk Enterprise components.
Description
- Splunk Deployment Overview
- License Management
- Splunk Apps
- Splunk Configuration Files
- Users, Roles, and Authentication
- Getting Data In
- Distributed Search
Objectives
Module 1 - Splunk Server Deployment
- Provide an overview of Splunk
- Identify Splunk components
- Identify the types of Splunk deployments
- List the steps to install Splunk
- Use Splunk CLI commands
Module 2 - Splunk Server Monitoring
- Enable the Monitoring Console
- Identify Splunk license types
- Describe license violations
- Add and remove licenses
- Use Splunk Diag
Module 3 - Splunk Apps
- Describe Splunk apps and add-ons
- Install an app on a Splunk instance
- Manage app accessibility and permissions
Module 4 - Splunk Configuration Files
- Describe Splunk configuration directory structure
- Understand configuration layering process
- Use btool to examine configuration settings
Module 5 - Splunk Indexes
- Learn how Splunk indexes function
- Identify the types of index buckets
- Adding and working with indexes
- Overview of metrics index
- Monitor indexes with Monitoring Console
Module 6 - Splunk Index Management
- Manage indexes with Splunk web
- Describe indexes.conf options
- Monitor indexes with Monitoring Console (MC)
- Customize index retention policies
- Back of indexes
- Delete events from an index
- Restore frozen buckets
Module 7 - Splunk User Management
- Add Splunk users using native authentication
- Describe user roles in Splunk
- Create a custom role
- Manage users in Splunk
Module 8 - Configuring Basic Forwarding
- Identify forwarder configuration steps
- Configure a Universal Forwarder
- Identify forwarder configuration files
Module 9 - Distributed Search
- Describe how distributed search works
- Explain the roles of the search head and search peers
- List search head scaling options