TrainersGlobe - Trainings, Interview, Job Support
Title: Splunk Admin Development Online Trainings Sup
Date and Time: Sat 28th-Oct-2017 @ 05:00 PM (IST)
Type: New Batch

Details:

Splunk Admin Course Contents

Module 1 - 2 hours

Splunk Overview - Splunk package and components - Installation procedure in various OS - Splunk Architecture Basic Overview - Splunk Ports and Protocol Management

 

Module 2 - 3 hours

Set up forwarding and receiving - Types of forwarders - Forwarder Deployment Topologies - Universal forwarder - Overview and limitations - Forwarding configuration - Heavy forwarder (Deployment and Capabilities) - Routing and filtering data - Third-party routing from Splunk - Functionalities of Universal and Heavy Forwarder

 

Module 3 - 3 hours

Deployment Server and Forwarder Management - Configure the Deployment Server-Client Architecture - License Management - Users, roles and authentication - Splunk configuration files overview - Data feeds - Data parsing and indexing - Analyzing the Data

 

Module 4 - 6 hours

Overview of Indexers and Indexes - Indexer Capabilities - Working model of Indexers - Installation and Configuration of Standalone Indexer - Managing index and index storage - Understanding Index Buckets and Data Ageing - Retention and archiving policy - Basic Cluster Architecture - Clustering Terms - Types of Clustering - Single-site Cluster Deployment - Multi-site Cluster Deployment - Role of Master and peers - Managing the cluster

 

Module 5 - 6 hours

Overview of Splunk Search head and configuration - Distributed Search - Deployment of Distributed Search - Knowledge Bundles - Search head pooling - Overview of Search head clustering - Understanding Clustering Terms - Configuration of Clustering - Integrate Indexers and Search-heads - Mounted Bundles - Understanding Clustered Architecture - Search Artifacts

 

Module 6 - 4 hours

Basic Overview of Splunk Search - SPL Language - Create Simple Dashboards - Setting up Alerts and Reports - Common Search Commands - Troubleshooting Steps

Splunk Development Course Content

 

Module 1 - 2 hours

Splunk Overview - Prerequisites and Installing Splunk Enterprise - Navigating Splunk Web - On-boarding data into Splunk Enterprise 

 

Module 2 - 3 hours

Splunk knowledge objects Overview - Classify and group events - Define and Maintain Event types - Tags creation - Field extractions - Field Extractor - Search-time field extractions - Regular expression overview - Extract fields with search commands - Create custom fields at index time - Overview of Lookups - Usage of Field lookups to add info to your events - Configuring and customizing Lookups - Saved Searches - Splunk CIM Overview and its correlation - Specify Cron Notation

 

Module 3 - 4 hours

Types of searches - Retrieving events - Specifying time ranges - Using subsearch - Creating statistical tables and charts - Grouping and correlating events - Predicting future events - Common search commands - Best practices in optimizing search - Functions for eval and stats command - Application of the following search commands by category - Correlation - Anomaly Detection - Reporting - Geographic - Prediction and Trending - Search and Sub-search commands - Time commands - Formats for converting strings into time-stamps - Understanding SPL syntax - Usage of Keywords and Boolean operators

 

Module 4 - 4 hours

Views Overview - Simple XML - Dashboards Overview - Functionalities - Panel creation and customization - Drilldowns - Employing Queries in Dashboards - Implementing JavaScript and CSS into Dashboards - Forms Creation - Form inputs definition - Macros Overview - Understanding of Data Models

 

Module 5 - 2 hours

Alerts Overview - Types of Alerts - Setup Alert actions - Scheduled Alert - Real time Alert - Custom conditional Alerts - Triggered Alerts - Alert Manager Usage - Alert Functionalities - Alert examples - Alerts via savedsearches.conf - Usage of Tokens - Troubleshooting Steps

 

Module 6 - 2 hours

Reporting Overview - Create and Edit Reports - Accelerate Report - Setup Scheduled Reports - Customize Report Formats - Report Functionalities - Report examples - Report via savedsearches.conf - Usage of Tokens - Troubleshooting Steps

 

Module 7 - 3 hours

Walk-through over Splunk Apps - Basic Understanding of Splunk App creation