Splunk Administration


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description
Splunk is a complex system of multiple interoperating components, as such it offers a great deal of configuration options. Other Splunk administrative tasks include creating and managing alerts and planning server capacity. In this course, you will learn how to configure Splunk to meet your requirements. You'll also learn how to set up alerts, plan server capacity, and manage Splunk servers.

Target Audience
Personnel at all levels of an enterprise seeking to attain competency in Splunk

Prerequisites
None

Expected Duration (hours)
1.7

Lesson Objectives

Splunk Administration

  • start the course
  • log into and identify Splunk Web Administration components
  • identify the default Splunk dashboards and customize the banner messages
  • add and manage users and roles in Splunk
  • work with Splunk configuration files
  • identify the order in which Splunk applies configuration directives and attributes
  • copy and edit the Splunk configuration files
  • access the Splunk command line interface or CLI
  • utilize the built-in help functions of the Splunk command line interface or CLI
  • administer the remote Splunk deployments using administrative commands
  • start and stop the Splunk service on multiple platforms, and configure Splunk to start at boot
  • change the default values in a Splunk installation and apply a license
  • bind Splunk to an IPv4 and/or IPv6 address
  • upgrade an existing Splunk instance on a Unix or Windows system
  • migrate indexes and data to a new server
  • identify the different types of alerts in Splunk
  • utilize throttling to limit the Splunk alerts and set alert permissions
  • construct per-result and rolling-window alerts in Splunk
  • create scheduled alerts in Splunk
  • edit and expand the functionality of a Splunk alert
  • configure Splunk to send an e-mail during an alert condition
  • configure the alternate alert modes in Splunk
  • construct triggered alerts
  • identify the data performance issues in Splunk
  • identify the other performance issues in Splunk
  • determine the Splunk storage requirements
  • scale a Splunk deployment to meet requirements
  • create users and roles in Splunk

    • Course Number:
    df_oifs_a03_it_enus

    Expertise Level
    Beginner