Your Cart Is Empty
Home > Technical Courses > Splunk > Splunk Enterprise Data Administration
This course is designed for administrators who are responsible for getting data into Splunk Indexers.
This course is designed for administrators who are responsible for getting data into Splunk Indexers. The course provides the fundamental knowledge of Splunk forwarders and methods to get remote data into Splunk indexers. It covers installation, configuration, management, monitoring, and troubleshooting of Splunk forwarders and Splunk Deployment Server components.Please note that classes may run across three days, consisting of 6 hour sessions each day.
Category
ID
Duration
Level
Price
Business Analysis
13864
3 Day(s)
Intermediate
$2,195.00
Objectives
· 228 last one Understand sourcetypes· Manage and deploy forwarders· Configure data inputs· File monitors· Network inputs (TCP/UDP)· Scripted inputs· HTTP inputs (via the HTTP Event Collector)· Customize the input phase parsing process· Define transformations to modify data before indexing· Define search time knowledge object configurations
Module 1 – Get Data Into Splunk· Provide an overview of Splunk· Describe the Splunk distributed model· Describe data input types and metadata settings· Configure initial input testing with Splunk Web· Test Indexes with input stagingModule 2 – Configuration Files and Apps· Identify Splunk configuration files and directories· Describe index-time and search-time precedence· Validate and update configuration files· Explore Splunk apps and apps installationModule 3 – Configure Forwarders· Configure Universal Forwarders· Configure Heavy ForwardersModule 4 – Customize Forwarder· Configure intermediate forwarders· Identify additional forwarder optionsModule 5 - Manage Forwarders· Describe the Splunk deployment server· Manage forwarders using deployment apps· Configure deployment clients and client groups· Monitor forwarder management activitiesModule 6 – Monitor Inputs· Create file and directory monitor inputs· Use optional settings for monitor inputs· Deploy a remote monitor inputModule 7 – Network Inputs· Create network (TCP and UDP) inputs· Describe optional settings for network inputsModule 8 – Scripted Inputs· Create a basic scripted inputModule 9 – Agentless Inputs· Configure Splunk HTTP Event Collector (HEC) agentless input· Describe Splunk App for Stream
Module 10 – Operating System Inputs· Identify Linux-specific inputs· Identify Windows-specific inputsModule 11 – Fine-tuning Inputs· Understand the default processing that occurs during input phase· Configure input phase optionsModule 12 – Parsing Phase and Data Preview· Understand the default processing during parsing phase· Optimize and configure event line breaking· Explain how timestamps and time zones are used· Use Data Preview to validate event create during parsing phaseModule 13 – Manipulating Input Data· Explore Splunk transformation methods· Create rulesets with Ingest Actions· Mask data with Ingest Actions rules· Mask data with SEDCMD and TRANSFORMS· Override sourcetype or host base upon event valuesModule 14 - Routing Input Data· Filter data with Ingest Action rules· Route data with Ingest Action rules· Route data with TransformsModule 15 – Supporting Knowledge Objects· Define default and custom search time field extractions· Identify the pros and cons of indexed time field extractions· Configure indexed field extractions· Describe default search-time extractions· Manage orphaned knowledge objects
Questions?
This course is part of the following Certifications:Splunk Enterprise Certified Admin
To be successful, students must have completed these Splunk Education course(s) or have equivalent working knowledge:· Intro to Splunk· Using Fields (SUF)· Intro to Knowledge Objects· Creating Knowledge Objects (CKO)· Creating Field Extractions (CFE)· Enriching Data with Lookups (EDL)· Data Models (SDM)· Splunk Enterprise System Administration (SESA)
Splunk Enterprise Data Administration
Class Schedule
Live Online
Course Overview
Training Delivery Methods
With Productivity Point, you will have a spectrum of delivery methods to choose from... when where and how you like it. Whether it's in a classroom or online, we have a delivery option to meets your needs.
Classroom Live
Classroom Virtual
Private Group
On Demand
Classroom Live Training
Get in-person, hands-on instruction with live lab exercises taught by subject matter experts who deliver authorized and industry-leading content.
With classrooms in almost every major U.S. city, Productivity Point has something for users of every level, so you can earn the most popular industry certifications. You get hands-on learning experience with live lab exercises taught by experienced instructors. We proudly advocate our learning services to be hosted by the best-qualified trainers in terms of technical knowledge and teaching skills.
Classroom Virtual Training
Prefer to have a dedicated classroom for your virtual experience? Attend live, hands- on training via remote instructor from one of Productivity Point’s multiple locations.
Enjoy a focused and professional training environment, including all technical equipment provided along with administrative and technical support at your fingertips. With over 150 locations to choose from, review our course catalog or contact your personal Productivity Point Account Manager to see if the course you have in mind is delivered at one of our dedicated virtual classrooms in your area.
Live Online Training
Blend the best from traditional face-to-face instructor-led training with the latest in conferencing technology.
Private Group Training
Your private group classroom experience will not only take place in the location of your choice (including any of our training centers), but you will enjoy the following amenities:
On-Demand Learning
On-Demand is an IT training solution designed around your schedule, budget, and learning needs. Combining high-quality video, reading, and knowledge checks in a self-paced format, On-Demand helps you build skills as your schedule allows—all at once or five minutes at a time.
With On-Demand, you learn at your own pace and in the convenience of your own space.
With Learn at your own pace…
Productivity Point Learning Solutions evolved out of a desire to increase our outreach both nationally and internationally.
Productivity Point Headquarters 1580 Sawgrass Corporate Parkway Suite 205 Sunrise, Florida 33323 United States
Contact T 1-844-238-8607 P 1-954-425-6141 F 1-954-928-9057 E info@productivitypointls.com