Trainings Übersicht
Rabatte, Aktionen und Förderungen
English language trainings
Lighthouse Expert Series
Lernformen
Feedback
Garantie
Hotels
Restaurants
Seminarinhalt
Programm
System Administration
Module 1 – Deploying Splunk
Provide an overview of Splunk
Identify Splunk Enterprise components
Identify the types of Splunk deployments
List the steps to install Splunk
Use Splunk CLI commands
Explore security best practices
Module 2 – Monitoring Splunk
Use Splunk Health Report
Enable the Monitoring Console (MC)
Use Splunk Assist Use Splunk Diag
Module 3 – Licensing Splunk
Identify Splunk license types
Describe license violations
Add and remove licenses
Module 4 – Using Configuration Files
Describe Splunk configuration directory structure
Understand configuration layering process
Use btool to examine configuration settings
Module 5 – Using Apps
Describe Splunk apps and add-ons
Install an app on a Splunk instance
Manage app accessibility and permissions
Module 6 – Creating Indexes
Learn how Splunk indexes function
Identify the types of index buckets
Add and work with indexes
Overview of metrics index
Module 7 – Managing Index
Review Splunk Index Management basics
Identify data retention recommendations
Identify backup recommendations
Move and delete index data
Describe the use of the Fishbucket
Restore a frozen bucket
Module 8 – Managing Users
Add Splunk users using native authentication
Describe user roles in Splunk
Create a custom role Manage users in Splunk
Module 9 – Configuring Basic Forwarding
Identify forwarder configuration steps
Configure a Universal Forwarder
Understand the Deployment Server
Module 10 – Configuring Distributed Search
Describe how distributed search works
Define the roles of the search head and search peers
Data Administration
Module 1 – Getting Data Into Splunk
Provide an overview of Splunk
Describe the Splunk distributed model
Describe data input types and metadata settings
Configure initial input testing with Splunk Web
Testing Indexes with input staging
Module 2 –Config Files and Apps
Identify Splunk configuration files and directories
Describe index-time and search-time precedence
Validate and update configuration files
Explore Splunk apps and app installation
Module 3 – Configuring Forwarders
Configure Universal Forwarders
Configure Heavy Forwarders
Module 4 – Customizing Forwarders
Configure intermediate forwarders
Identify additional forwarder options
Module 5 – Managing Forwarders
Describe Splunk Deployment Server (DS)
Manage forwarders using deployment apps
Configure deployment clients and client groups
Monitor forwarder management activities
Module 6 – Monitor Inputs
Create file and directory monitor inputs
Use optional settings for monitor inputs
Deploy a remote monitor input
Module 7 – Network Inputs
Create network (TCP and UDP) inputs
Describe optional settings for network inputs
Module 8 – Scripted Inputs
Create a basic scripted input
Module 9 – Agentless Inputs
Configure Splunk HTTP Event Collector (HEC) agentless input
Describe Splunk App for Stream
Module 10 – Operating System Inputs
Identify Linux-specific inputs
Identify Windows-specific inputs
Module 11 – Fine-tuning Inputs
Understand the default processing that occurs during input phase
Configure input phase options, such as source type fine-tuning and character set encoding
Module 12 – Parsing Phase and Data Preview
Understand the default processing that occurs during parsing
Optimize and configure event line breaking
Explain how timestamps and time zones are extracted or assigned to events
Use Data Preview to validate event creation during parsing phase
Module 13 – Manipulating Input Data
Explore Splunk transformation methods
Create rulesets with Ingest Actions
Mask data with Ingest Action rules
Mask data with SEDCMD and TRANSFORMS
Override sourcetype or host based upon event values
Module 14 – Routing Input Data
Filter data with Ingest Action rules
Route data with Ingest Action rules
Route data with TRANSFORMS
Module 15 – Supporting Knowledge Objects
Define default and custom search time field extractions
Identify the pros and cons of indexed time field extractions
Configure indexed field extractions
Describe default search time extractions
Manage orphaned knowledge objects
Module 1 – Deploying Splunk
Provide an overview of Splunk Identify Splunk Enterprise components Identify the types of Splunk deployments List the steps to install Splunk Use Splunk CLI commands Explore security best practicesModule 2 – Monitoring Splunk
Use Splunk Health Report Enable the Monitoring Console (MC) Use Splunk Assist Use Splunk DiagModule 3 – Licensing Splunk
Identify Splunk license types Describe license violations Add and remove licensesModule 4 – Using Configuration Files
Describe Splunk configuration directory structure Understand configuration layering process Use btool to examine configuration settingsModule 5 – Using Apps
Describe Splunk apps and add-ons Install an app on a Splunk instance Manage app accessibility and permissionsModule 6 – Creating Indexes
Learn how Splunk indexes function Identify the types of index buckets Add and work with indexes Overview of metrics indexModule 7 – Managing Index
Review Splunk Index Management basics Identify data retention recommendations Identify backup recommendations Move and delete index data Describe the use of the Fishbucket Restore a frozen bucketModule 8 – Managing Users
Add Splunk users using native authentication Describe user roles in Splunk Create a custom role Manage users in SplunkModule 9 – Configuring Basic Forwarding
Identify forwarder configuration steps Configure a Universal Forwarder Understand the Deployment ServerModule 10 – Configuring Distributed Search
Describe how distributed search works Define the roles of the search head and search peersData Administration
Module 1 – Getting Data Into Splunk
Provide an overview of Splunk Describe the Splunk distributed model Describe data input types and metadata settings Configure initial input testing with Splunk Web Testing Indexes with input stagingModule 2 –Config Files and Apps
Identify Splunk configuration files and directories Describe index-time and search-time precedence Validate and update configuration files Explore Splunk apps and app installationModule 3 – Configuring Forwarders
Configure Universal Forwarders Configure Heavy ForwardersModule 4 – Customizing Forwarders
Configure intermediate forwarders Identify additional forwarder optionsModule 5 – Managing Forwarders
Describe Splunk Deployment Server (DS) Manage forwarders using deployment apps Configure deployment clients and client groups Monitor forwarder management activitiesModule 6 – Monitor Inputs
Create file and directory monitor inputs Use optional settings for monitor inputs Deploy a remote monitor inputModule 7 – Network Inputs
Create network (TCP and UDP) inputs Describe optional settings for network inputsModule 8 – Scripted Inputs
Create a basic scripted inputModule 9 – Agentless Inputs
Configure Splunk HTTP Event Collector (HEC) agentless input Describe Splunk App for StreamModule 10 – Operating System Inputs
Identify Linux-specific inputs Identify Windows-specific inputsModule 11 – Fine-tuning Inputs
Understand the default processing that occurs during input phase Configure input phase options, such as source type fine-tuning and character set encodingModule 12 – Parsing Phase and Data Preview
Understand the default processing that occurs during parsing Optimize and configure event line breaking Explain how timestamps and time zones are extracted or assigned to events Use Data Preview to validate event creation during parsing phaseModule 13 – Manipulating Input Data
Explore Splunk transformation methods Create rulesets with Ingest Actions Mask data with Ingest Action rules Mask data with SEDCMD and TRANSFORMS Override sourcetype or host based upon event valuesModule 14 – Routing Input Data
Filter data with Ingest Action rules Route data with Ingest Action rules Route data with TRANSFORMSModule 15 – Supporting Knowledge Objects
Define default and custom search time field extractions Identify the pros and cons of indexed time field extractions Configure indexed field extractions Describe default search time extractions Manage orphaned knowledge objects
Zielgruppen
Vorkenntnisse
Trainings zur Vorbereitung
Wichtige Information
Dieser Fast-Track bereitet Sie auf die Examen Splunk Certified Power User und Splunk Enterprise Certified Admin vor. Beide Examen können über Pearson Vue abgelegt werden.
