Detail kurzu
Splunk Cloud Administration
EDU Trainings s.r.o.
Popis kurzu
This 18-hour hands-on course prepares administrators to manage users and get data in Splunk Cloud. Modules include data inputs and forwarder configuration, data management, user accounts, and basic monitoring and problem isolation.
The course provides administrators with the skills, knowledge and best practices for data management and system configuration for data collection and ingestion in a Splunk Cloud environment to maintain a productive Splunk SaaS deployment.
The course provides administrators with the skills, knowledge and best practices for data management and system configuration for data collection and ingestion in a Splunk Cloud environment to maintain a productive Splunk SaaS deployment.
Obsah kurzu
Module 1 – Splunk Cloud OverviewDescribe Cloud topology
Describe tasks managed by the Splunk cloud administrator
List the primary differences between Splunk Cloud and Splunk Enterprise
List differences between Self-Service Cloud and Managed Cloud
Module 2 – Index Management
Define a Splunk Index
Create indexes in cloud
Delete data from an index
Monitor indexing activities
Module 3 – User Authentication and Authorization
Administer Splunk user roles
Integrate Splunk with LDAP, Active Directory, or SAML
Module 4 – Splunk Configuration Files
Review Splunk configuration files and directories
Review configuration file precedence
Review index and search time processes
Module 5 – Cloud Ingestion – Using Splunk Forwarders
Review cloud ingestion strategies
Understand the role of forwarders in GDI
Configure forwarding to Splunk Cloud
Monitor forwarder connectivity
Explore optional forwarder settings
Module 6 – Forwarder Management
Describe Splunk Deployment Server
Explain the use of forwarder management
Configure forwarders to be deployment clients
Managing forwarders using deployment apps
Module 7 – Monitor Inputs
Describe the Splunk process for inputting data
Create file and directory monitor inputs
Use optional settings for monitor inputs
Module 8 – Cloud Ingestion – Using API, Scripted and HEC Inputs
Understand how data is ingested using API
Know how to deploy scripted inputs
Describe how to use HEC for ingestion
Module 9 – Cloud Ingestion – Application Based Inputs
Understand how Inputs are managed using i apps or add-ons
Describe how customers may use Splunk Stream app
Deploy Cloud inputs for use on as IDM
Module 10 – Fine-tuning Inputs
Describe the default processing that occurs during the input phase
Configure input phase options, such as source type fine-tuning and character set encoding
Module 11 – Parsing Phase and Data Preview
Describe the default processing that occurs during parsing
Optimize and configure event line breaking
Explain how timestamps and time zones are extracted or assigned to events
Use Data Preview to validate event creation during the parsing phase
Module 12 – Manipulating Raw Data
Explain how data transformations are defined and invoked
Use transformations with props.conf and transforms.conf to modify raw data
Use SECCMD to modify raw data
Module 13 – Installing and Managing Apps
Understand how apps and add-ons are vetted and installed in Cloud
Create apps to managing and distribute configurations
Module 14 – Splunk Cloud Support and Troubleshooting
Troubleshooting Splunk Deployments
Collecting data and use diagnostics or monitoring to investigate
Overview of how to collect the relevant data for support to troubleshoot
Certifikát
Na dotaz.
Hodnotenie
Organizátor
Podobné kurzy
podľa názvu a lokality