Administering splunk 43 course


Published on

Administering splunk 43 course

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Administering splunk 43 course

  1. 1. Splunk Education Services Administrating Splunk 5.0This eight hour course prepares system administrators to configure and manage Splunk. It covers installation, configuring data inputs and forwarders, data management, user accounts, licenses, and basic troubleshooting and monitoring. It's recommended for systems administrators responsible for the day-to-day administration of Splunk. Using Splunk is a prerequisite. Course Topics  Typical Splunk installations  apps and technology add-ons  Common methods of data input  Splunk forwarders’ role in data inputs  Default input processing and common configurations  Managing Splunk data stores  Configuring groups, users, and data security  Managing and installing Splunk licenses Course Prerequisites Using Splunk course Class Format Instructor-led lecture with labs. Delivered via virtual classroom or at your site. Course Objectives Lesson 1 – Setting Up Splunk  Describe typical Splunk installs  Install Splunk  Perform server basics including starting, stopping, and restarting Splunk Lesson 2 – Getting Data In  Identify how to get data into Splunk  Set up inputs using Apps  Set input properties such as host, ports, index, source type, etc. Lesson 3 – Data Inputs  Manually specify data inputs  List Splunk's data input types and explain how they differ  Set input properties such as host, ports, index, source type, etc. Lesson 4 – Windows Inputs  Understand Windows-specific data  Configure Windows specific inputs Lesson 5 – Forwarders  Compare forwarder types  Understand forwarder benefits  Deploy and configure forwarders Lesson 6 – Understanding Data Processing  Describe how data moves through Splunk  Set source type  Understand how Splunk sets time zones  Configure search-time field extraction Lesson 7 – Configuration Precedence  Understand how precedence is applied to config files  Understand how precedence affects index time and search time Lesson 8 – Splunk's Data Store  Learn when and why to use multiple indexes  Learn how data moves through indexes  Describe index directory structures and buckets  Set up indexes  Describe back up strategies Lesson 9 – Users, Roles and Authentication  Understand user roles in Splunk  Create a custom role Lesson 10 – Licensing  Identify license types  Understand license violations  Define license groups, license pooling and stacking  Add and remove licenses Splunk Education Tracks User: For all day-to-day Splunk users including customer support staff, developers, systems administrators and management. Administrator: For administrators of Splunk itself. (Administrators of other systems who will just be using Splunk should take the User track.) Architect: For architects who will be designing Splunk deployments, including architects on staff at customer deployments as well as partner professional services personnel. Developer: For developers who will integrate, customize and extend Splunk using its XML templates and advanced configuration bundling. Support Engineer: For Splunk OEM and channel partner support staff who will be providing first line support for Splunk. Tracks User Administrator Architect Developer Support Engineer Using Splunk ✓ ✓ ✓ ✓ ✓ Searching and Reporting with Splunk ✓ ✓ ✓ ✓ Administrating Splunk ✓ ✓ ✓ Advanced Splunk Administration ✓ ✓ ✓ Architecting and Deploying Splunk ✓ ✓ Developing Apps with Splunk ✓ ✓ ✓ Splunk Architect Certification Lab ✓ Supporting Splunk ✓
  2. 2. Splunk Education Services About Splunk Splunk is software that indexes, manages and enables you to search data from any application, server or network device in real time. Visit our website at to download your own free copy. Splunk Inc. 250 Brannan San Francisco, CA 94107 866.GET.SPLUNK (866.438.7758)