Detail kurzu

Splunk Cloud Administration

EDU Trainings s.r.o.

Popis kurzu

This 18-hour hands-on course prepares administrators to manage users and get data in Splunk Cloud. Modules include data inputs and forwarder configuration, data management, user accounts, and basic monitoring and problem isolation.
The course provides administrators with the skills, knowledge and best practices for data management and system configuration for data collection and ingestion in a Splunk Cloud environment to maintain a productive Splunk SaaS deployment.

Obsah kurzu

Module 1 – Splunk Cloud Overview

Describe Cloud topology
Describe tasks managed by the Splunk cloud administrator
List the primary differences between Splunk Cloud and Splunk Enterprise
List differences between Self-Service Cloud and Managed Cloud

Module 2 – Index Management

Define a Splunk Index
Create indexes in cloud
Delete data from an index
Monitor indexing activities

Module 3 – User Authentication and Authorization

Administer Splunk user roles
Integrate Splunk with LDAP, Active Directory, or SAML

Module 4 – Splunk Configuration Files

Review Splunk configuration files and directories
Review configuration file precedence
Review index and search time processes

Module 5 – Cloud Ingestion – Using Splunk Forwarders

Review cloud ingestion strategies
Understand the role of forwarders in GDI
Configure forwarding to Splunk Cloud
Monitor forwarder connectivity
Explore optional forwarder settings

Module 6 – Forwarder Management

Describe Splunk Deployment Server
Explain the use of forwarder management
Configure forwarders to be deployment clients
Managing forwarders using deployment apps

Module 7 – Monitor Inputs

Describe the Splunk process for inputting data
Create file and directory monitor inputs
Use optional settings for monitor inputs

Module 8 – Cloud Ingestion – Using API, Scripted and HEC Inputs

Understand how data is ingested using API
Know how to deploy scripted inputs
Describe how to use HEC for ingestion

Module 9 – Cloud Ingestion – Application Based Inputs

Understand how Inputs are managed using i apps or add-ons
Describe how customers may use Splunk Stream app
Deploy Cloud inputs for use on as IDM

Module 10 – Fine-tuning Inputs

Describe the default processing that occurs during the input phase
Configure input phase options, such as source type fine-tuning and character set encoding

Module 11 – Parsing Phase and Data Preview

Describe the default processing that occurs during parsing
Optimize and configure event line breaking
Explain how timestamps and time zones are extracted or assigned to events
Use Data Preview to validate event creation during the parsing phase

Module 12 – Manipulating Raw Data

Explain how data transformations are defined and invoked
Use transformations with props.conf and transforms.conf to modify raw data
Use SECCMD to modify raw data

Module 13 – Installing and Managing Apps

Understand how apps and add-ons are vetted and installed in Cloud
Create apps to managing and distribute configurations

Module 14 – Splunk Cloud Support and Troubleshooting

Troubleshooting Splunk Deployments
Collecting data and use diagnostics or monitoring to investigate
Overview of how to collect the relevant data for support to troubleshoot
Certifikát Na dotaz.
Hodnotenie




Organizátor



Ďalšie termíny kurzu
Termín Cena Miesto konania Zarezervovať