Splunk Enterprise Certified Administrator
Offered By: Cybrary
Course Description
Overview
This course is intended to prepare a Splunk Professional to take the Splunk Enterprise Certified Administrator certification.
We will go over all the different Splunk components that may be in a Splunk deployment, how Splunk licensing works, the configuration files that determine how Splunk works under the hood, the indexing process, managing users, authentication, and authorization in Splunk, configuring forwarders, ingesting data from a variety of different sources, and how to tune data inputs to enhance performance, reporting, and user experience.
Target audience
This course is intended for Splunk professionals that currently hold a Splunk Power User certification and have 1+ years of Splunk experience.
Prerequisites
- Splunk Power User
- Basic understanding of Linux and Windows system administration
- Basic understanding of computer networking
Course Goals
By the end of this course, students should be able to:
- Pass the Splunk Core Certified Administrator Exam
- Understand Splunk Components and Deployments
- Ingest Data into Splunk
- Manage Splunk Clients and Deploy Apps
- Understand and Configure Splunk Authentication and Authorization
Syllabus
- Overview
- Course Introduction
- Course Overview
- Splunk Admin Basics
- Splunk Overview
- Splunk Components
- Splunk Architectures
- Licensing
- License Types
- License Violations
- Configuring a License Server
- Configuration Files
- Config File Overview
- How Configs are Applied
- When Configs are Applied
- Btool Lab
- Indexing
- Index Structure
- Data Lifecycle
- Thaw Frozen Data Lab
- Indexes.conf
- Configure an Indexer Lab
- User Management
- Authentication Options
- Access and Authorization in Splunk
- Splunk Enterprise
- Forwarders
- Splunk Forwarder
- Configuring a Forwarder Lab
- Managing Forwarders Lab
- Distributed Search
- Distributed Search Overview
- Configuring Distributed Search Lab
- Search Head Clustering
- Getting Data In
- Data Input Options
- Monitor/Batch Inputs Lab
- Fishbucket Overview
- Fishbucket Lab
- Network Input Lab
- Scripted Input Lab
- HTTP Event Collector Lab
- Windows Input Lab
- Tuning Inputs
- Data Pipelines
- Props and Transforms
- Using Props and Rekeying Indexed Fields Lab
- Masking Data Lab
Taught by
Anthony Fecondo
Related Courses
Splunk Deep DiveA Cloud Guru Big Data - Capstone Project
University of California, San Diego via Coursera Introduction to Splunk
Cybrary Introduction to SIEM Tools
Cybrary Monitoring Network Traffic with SIEM
Cybrary