Splunk Fast Start: Fundamentals 2, System Administration and Data Administation

This five-day instructor-led training includes the three key courses "Splunk Fundamentals 2", "Splunk Enterprise System Administration" and "Splunk Enterprise Data Administration". This training course will prepare the students for the Splunk Certified Power User and Splunk Certified Admin exams.

Prerequisites

Splunk Fundamentals 1

Course content

The track includes the 3 courses below:

 

1) Splunk Fundamentals 2

This course focuses on additional SPL commands, using field aliases and calculated fields, creating tags and event types, using macros, creating data models, and normalizing data with the CIM.

Course Topics:

  • Transforming commands and visualization
  • Filtering and formatting
  • Results
  • Correlating events
  • Knowledge objects
  • Fields (Field aliases, field extractions, calculated fields)
  • Tags and event types
  • Macros
  • Workflow actions
  • Data models
  • Splunk Common Information Model (CIM)

 

2) Splunk Enterprise System Administration

This 2 day course is designed for system administrators who manage a Splunk Enterprise environment. Topics include Splunk license manager, indexers and search heads, configuration, management, and monitoring.

Course Topics:

  • Splunk Deployment Overview
  • License Management
  • Splunk Apps
  • Splunk Configuration Files
  • Users, Roles, and Authentication
  • Getting Data In
  • Distributed Search
  • Introduction to Splunk Clusters

 

3) Splunk Enterprise Data Administration

This 3 day course is for data administrators who are responsible for getting data into Splunk. The course provides content about Splunk forwarders and methods to get remote data into Splunk.

Course Topics:

  • Deploy forwarders with Forwarder Management
  • Splunk Configuration Files
  • Configure common Splunk data inputs
  • Customize the input parsing process

Certification

This course will prepare the students for the Splunk Certified Power User and Splunk Certified Admin exams.