Splunk Infrastructure Overview (eLearning)

This self-paced course gives users an overview of the Splunk Enterprise infrastructure. Users get a high-level look at how to grow a Splunk deployment from a single instance to a distributed environment. With tips and best practices for deploying, extending and integrating Splunk while showing the user what is happening behind the scenes.

Get this course »

Course Prerequisites

  • Using Splunk
  • OR equivalent Splunk experience.

Class Format

Self-paced eLearning with 30 day access

Course Topics

Module 1 - Splunk Components

  • Identify Components
  • How Splunk Scales

Module 2 - Pre-installation

  • Hardware Requirements
  • Installing on Virtual Environments
  • Permissions
  • Time Syncing
  • What is Splunkd
  • Port Information

Module 3 - Installing Splunk

  • Installing on Linux
  • Installing on Windows
  • Installing Components
  • SplunkWeb Administration
  • Splunk Directory Structure

Module 4 - The Splunk Pipeline

  • How Data Flows
  • Licensing
  • .conf Files

Module 5 - Indexes

  • Overview of Indexes
  • Using Multiple Indexes
  • Buckets
  • Creating Indexes

Module 6 - Users and Roles

  • Users
  • Roles
  • Methods

Module 7 - Data Inputs

  • Overview of Inputs
  • Upload Input
  • Monitor Input
  • Universal Forwarder
  • Heavy Forwarder
  • SSL for Forwarded Data
  • Apps and Add-ons

Module 8 - Growing Your Deployment

  • Setting up Search Peers
  • DMC Overview