

Get Hands-on with Splunk 8 and Prepare to Pass the Splunk Enterprise Certified Admin Exam

What you will learn

Prepare for the Splunk Enterprise 8.x Certified Admin exam!

Learn how to deploy Splunk in different environments and with different architectures

Understand how Splunk license management works

Explore Splunk apps and the thriving Splunkbase community

Master all aspects of Splunk configuration files

Users, roles, and authentication

Get data into Splunk

Build distributed search head clusters

Understand how Splunk processes data

Description

LEARN SPLUNK, GET THE SPLUNK ENTERPRISE CERTIFIED ADMIN CREDENTIAL

Hey everyone!

You know me, I’m the most popular Splunk instructor here on Udemy. You’ve perhaps taken my Complete Splunk Beginner’s Course, and you’ve been waiting for a course that’s structured to help you earn the Splunk Enterprise Certified Admin certification.

Look no further! This is the first—and most comprehensive—course that covers the latest versions of Splunk Enterprise and Splunk Cloud Platform.

A recent student said:




“Thanks for making this course, it was very useful. I did the exam and got the Admin cert.” – Gustavs

In this class, we will cover everything on the exam blueprint in a fun and engaging way. We will provide you with the tools you need to pass the exam and get certified, including:

  • Demos
  • Exercises
  • Quizzes
  • Homework

Whether you’ve inherited a Splunk environment, are building one from scratch, or are simply curious about Splunk, this course was designed specifically for you!

We’ll cover it all, from installing Splunk for the first time to architecting advanced distributed Splunk environments for large enterprises. We’ll talk about search head clustering, heavy forwarders, indexer clustering, configuration files, authentication (yes, even with LDAP), and much more.

I look forward to working with you in this course, and in future courses!

Language: English

Content

Introduction

Welcome to this course!
Demo: Analyzing some data

Splunk Admin Basics

The Basics of Splunking
Splunk installation options
Demo: installing Splunk in Linux
Demo: installing Splunk in Windows
Demo: installing Splunk in MacOS
Identify Splunk components
Section 2 Quiz

License Management

License to Splunk
Identify license types
Understand license violations
Distributed Licensing
Demo: licensing
Section 3 Quiz

Splunk Configuration Files

Configuration Files
Describe Splunk configuration directory structure
Understand configuration layering and precedence
Demo: Use btool to examine configuration settings (demo)
Section 4 Quiz

Splunk Indexes

All About Indexes
Describe index structure
List types of index buckets
Check index data integrity
Describe indexes.conf options
Describe the fishbucket
Demo: Create an index
Demo: Apply a data retention policy
Demo: Exploring buckets in the Splunk file system
Check hashes to validate data
Section 5 Quiz

Splunk User Management

How to Win Friends and Manage Users
Describe user roles in Splunk
Demo: Create a custom role and add Splunk users
Section 6 Quiz

Splunk Authentication Management

Authentication Management
Integrate Splunk with LDAP
List other user authentication options
Describe the steps to enable Multifactor Authentication in Splunk
Demo (1/2): Integrate Splunk with LDAP
Demo (2/2): Integrate Splunk with LDAP
Section 7 Quiz

Getting Data In

Getting Data In
The Splunk data pipeline
Describe the basic settings for an input and list forwarder types
Demo (1/3): Configure forwarders, receiving, monitoring
Demo (2/3): Configure forwarders, receiving, monitoring
Demo (3/3): Configure forwarders, receiving, monitoring
Section 8 Quiz

Distributed Search

Distributed Search
Describe how distributed search works; search heads and peers
Configuring a distributed search group
Demo: Configure a distributed search head cluster
Section 9 Quiz

Getting Data In – Staging

All the World is Staging
List the three phases of the Splunk Indexing process; input options
Section 10 Quiz

Configuring Forwarders

Configuring Forwarders
Configuring forwarders
Identify additional Forwarder options
Demo (1/2): Configure forwarders
Demo (2/2): Configure forwarders
Section 11 Quiz

Forwarder Management

Forwarder Management
Deployment management; deployment server
Deployment apps; deployment clients
Demo: Configure deployment servers, clients, and apps
Section 12 Quiz

Monitor Inputs

Monitor Inputs
Monitor inputs (file, directory; remote, local)
Demo: Configure local and remote monitor inputs
Section 13 Quiz

Network and Scripted Inputs

Network and Scripted Inputs
Network inputs
Scripted inputs
Demo: Create a network input and configure a scripted input
Section 14 Quiz

Agentless Inputs

Agentless Inputs
Identify Windows input types and uses
Describe HTTP Event Collector
Demo: The HTTP Event Collector
Section 15 Quiz

Fine Tuning Inputs

Fine Tuning Inputs
All about the input phase
Section 16 Quiz

Parsing Phase and Data

Parsing Phase and Data
Understand the default processing that occurs during parsing
Use Data Preview to validate event creation during the parsing phase (demo)
Section 17 Quiz

Manipulating Raw Data

Manipulating Raw Data
Why transform and mask data?
Use transformations with props.conf and transforms.conf
Use SEDCMD to modify raw data
Demo: Use SEDCMD to modify raw data
Section 18 Quiz

Conclusion

Go Forward and Splunk