Splunk System and Data Administration

Splunk System and Data Administration takes you to the next level in working with Splunk. This is the logical step, once you have completed Fundamentals 1 and 2, to master configuring and managing Splunk. The Splunk System Administration and Data Administration training courses are offered together as a four-day course. The training is ideal for users of the Splunk environment and those responsible for linking external sources to Splunk. Scenario based examples are common practice during this course as well.


Before you can participate, you must have completed Splunk Fundamentals 1 and Fundamentals 2.

The following topics will be addressed during the training:

  • Splunk applications
  • Users, roles and authentication methods
  • Configuration files
  • Indexing of data in Splunk
  • Configuring Splunk data input

Course Topics

  • Splunk Deployment Overview
  • License Management
  • Splunk Apps
  • Splunk Configuration Files
  • Users, Roles, and Authentication
  • Getting Data In
  • Distributed Search
  • Introduction to Splunk Clusters
  • Deploy forwarders with Forwarder Management
  • Splunk Configuration Files
  • Configure common Splunk data inputs
  • Customize the input parsing process