Course: Splunk 2019 - Beginner to Architect

  • Lifetime Access
  • Certificate on Completion
  • Access on Android and iOS App
About this Course

Splunk 2019 - Beginner to Architect is a course designed specifically for beginners who want to master Splunk.

This course starts from the ground up and builds, step by step, a solid foundation in Splunk, covering how to write SPL queries, build dashboards, design distributed Splunk architectures, and build highly available clustered setups.

With tons of practicals, easy-to-understand videos, and great support from our instructor in case of doubts, this course is all you need to build a solid foundation in Splunk.

Who is the target audience?

  • Individuals who are looking to build a solid foundation in Splunk
Basic knowledge
  • Computer with Internet Connection
What you will learn
  • Build Highly Available Clustering Architectures
  • Design and Create Dashboards to detect anomalies
  • Implementing Splunk in Docker Containers
  • Troubleshooting and Industry Best Practices in Managing Splunk 
Curriculum
Number of Lectures: 78
Total Duration: 10:41:44
Introduction to Splunk & Setting Up Labs
  • Introduction to Splunk  
  • Introduction to Docker Containers  
  • Setting up Docker Environment  
  • Installing Splunk - Docker Approach  
  • Installation of Splunk - RPM Approach  
  • Splunk Licensing Model  
  • Splunk Developer 10GB License  
  • Importing License into Splunk  
Getting Started with Splunk
  • Importing Data to Splunk  
  • Security Use-Case - Finding Attack Vectors  
  • Search Processing Language (SPL)  
  • Splunk Search Assistant  
  • Splunk Reports  
  • Splunk Report - Email Clarification (Followup)  
  • Understanding Add-Ons and Apps  
  • Splunk Add-On for AWS  
  • Splunk App for AWS  
  • Overview of Dashboards and Panels  
  • Building Dashboard Inputs - Time Range Picker  
  • Building Dashboard Inputs - Text Box  
  • Building Dashboard Inputs - Dynamic DropDown  
  • Building Dashboard Inputs - Drop down  
Splunk Architecture
  • Directory Structure of Splunk  
  • Splunk Configuration Directories  
  • Splunk Configuration Precedence  
  • Splunk Configuration Precedence - Apps and Locals  
  • Introduction to Indexes  
  • Bucket Lifecycle  
  • Warm to Cold Bucket Migration  
  • Archiving Data to Frozen Path  
  • Thawing Process  
  • Splunk Workflow Actions  
Forwarder & User Management
  • Overview of Universal Forwarders  
  • Installing Universal Forwarder in Linux  
  • Challenges in Forwarder Management  
  • Introduction to Deployment Server  
  • ServerClass and Deployment Apps  
  • Creating Custom Add-Ons for deployment  
  • Pushing Splunk Linux Add-On via Deployment Server  
Post Installation Activities
  • Understanding Regular Expressions  
  • Parsing Web Server Logs & Named Group Expression  
  • Importance of Source Types  
  • Interactive Field Extractor (IFX)  
  • props.conf and transforms.conf  
  • Splunk Event Types  
  • Tags  
  • Splunk Events Types Priority and Coloring Scheme  
  • Splunk Lookups  
  • Splunk Alerts  
Security Primer
  • Access Control  
  • Creating Custom Roles & Capabilities  
Distributed Splunk Architecture
  • Overview of Distributed Splunk Architecture  
  • Understanding License Master  
  • Implementing License Master  
  • License Pools  
  • Indexer  
  • Masking Sensitive Data at Index Time  
  • Search Head  
  • Splunk Monitoring Console  
Indexer Clustering
  • Overview of Indexer Clustering  
  • Deploying Infrastructure for Indexer Cluster  
  • Master Indexer  
  • Peer Indexers  
  • Testing Replication and Failover capabilities  
  • Configuration Bundle  
  • Configuration Bundle - Part 02  
  • Forwarding Logs to Indexer Cluster  
  • Indexer Discovery  
Search Head Clustering
  • Overview of Search Head Clusters  
  • Deploying Infrastructure for Search Head Cluster  
  • Configuring Cluster Setup on Search Heads  
  • Validating Search Head Replication  
  • Pushing Artifacts through Deployer  
  • Connecting Search Head Cluster to Indexer Cluster  
Advanced Splunk Concepts
  • Using Btool for Troubleshooting  
  • Overview of Data Models  
  • Creating Data Model - Practical  
  • Splunk Support Programs  
Zeal
Author

Rating
Enrolled Students
(51)
Level
Beginner
Price
$ 32.00
Course Language
English
Reviews (0)