Splunk Enterprise System Administration
Course Description
The Splunk Enterprise System Administration course is designed for system administrators who manage a Splunk Enterprise environment. It provides fundamental knowledge of the Splunk license manager, indexers and search heads, and covers configuration, management, and monitoring of core Splunk Enterprise components.
Course Objectives
Module 1 - Splunk Developer Overview
- Splunk overview
- Identify Splunk components
- Identify Splunk system administrator role
Module 2 - License Management
- Identify license types
- Describe license violations
- Add and remove licenses
Module 3 - Splunk Apps
- Describe Splunk apps and add-ons
- Install an app on a Splunk instance
- Manage app accessibility and permissions
Module 4 - Splunk Configuration Files
- Describe Splunk configuration directory structure
- Understand configuration layering process
- Use btool to examine configuration settings
Module 5 - Splunk Indexes
- Describe index structure
- List types of index buckets
- Create new indexes
- Monitor indexes with Monitoring Console
Module 6 - Splunk Index Management
- Apply a data retention policy
- Backup data on indexers
- Delete data from an index
- Restore frozen data
Module 7 - Splunk User Management
- Describe user roles in Splunk
- Create a custom role
- Add Splunk users
Module 8 - Splunk Authentication Management
- Integrate Splunk with LDAP
- List other user authentication options
- Describe the steps to enable Multifactor Authentication in Splunk
Module 9 - Getting Data In
- Describe the basic settings for an input
- List Splunk forwarder types
- Configure the forwarder
- Add an input to UF using CLI
Module 10 - Distributed Search
- Describe how distributed search works
- Explain the roles of the search head and search peers
- Configure a distributed search group
Knowledge of Linux/Windows administration.
The new certification is valid for two years for User / Admin and for three years for Architect, Developer, ES or ITSI, counted from the moment the certificate is obtained. The certification cost is $125 per required exam.
This certification exam is a 57-minute, 68-question assessment. Candidates can expect an additional 3 minutes to review the exam agreement, for a total seat time of 60 minutes.