Skip to main content

Splunk Training + Certification

Architecting Splunk Enterprise Deployments

QUICK LINKS   

My Training Profile | Splunk Education Student Handbook

Course Description

This 9-hour course focuses on large enterprise deployments. Students will learn steps and best practices for planning, data collection and sizing for a distributed deployment.

 

Download Course Description

Instructor-led Training Schedule

View Schedule

Prerequisite Knowledge

To be successful, students should have a solid understanding of the following courses:
  • What is Splunk?
  • Intro to Splunk
  • Using Fields
  • Introduction to Knowledge Objects
  • Creating Knowledge Objects
  • Creating Field Extractions

Or the following legacy courses:

 

  • Splunk Fundamentals 1 & 2
Students should also understand the following advanced coursework:
  • Splunk Enterprise System Administration
  • Splunk Enterprise Data Administration

Course Topics

  • Requirements definition
  • Index and infrastructure planning
  • Data collection
  • Forwarders
  • Managing Deployments
  • Data comprehension
  • Search considerations
  • Operations and management

Course Objectives
 

Module 1 – Introduction
  • Overview of the Splunk deployment planning process and associated tools
 
Module 2 – Project Requirements
  • Identify critical information about environment, volume, users, and requirements
  • Review checklists and resources to aid in collecting requirements
 
Module 3 – Infrastructure Planning: Index Design
  • Design and size indexes
  • Estimate storage requirements
  • Identify relevant apps 
 
Module 4 – Infrastructure Planning: Resource Planning
  • List sizing factors for servers
  • Describe how reference hardware is used to scale deployments
  • Identify the impact of clustering for index replication and for search heads
 
Module 5 - Clustering Overview
  • Describe the different clustering capabilities
  • Introduce the concepts of indexer and search head clustering
 
Module 6 - Forwarder and Deployment Best Practices
  • Review types of forwarders
  • Describe how to manage forwarder installation
  • Review configuration management for all Splunk components, using Splunk deployment tools
  • Provide best practices for a Splunk deployment
 
Module 7 - Integration 
  • Describe integration methods
  • Identify common integration points
 
Module 8 – Performance Monitoring and Tuning
  • Use the Monitoring Console to track test environment performance
  • List options to fine tune performance for production environment
 
Module 9 – Use Cases
  • Provide example architecture topologies 
  • Discuss different architecture options based on use case
PLATFORM
PLATFORM
SECURITY
SECURITY
OBSERVABILITY
OBSERVABILITY
SOLUTIONS BY INITIATIVE
SOLUTIONS BY INITIATIVE
SOLUTIONS BY FUNCTION
SOLUTIONS BY FUNCTION
SOLUTIONS BY INDUSTRY
SOLUTIONS BY INDUSTRY
WHY SPLUNK?
WHY SPLUNK?
SUPPORT
SUPPORT
RESOURCES
RESOURCES
FOR DEVELOPERS
FOR DEVELOPERS
COMPANY
COMPANY
SPLUNK SITES
SPLUNK SITES
Sitemap
Privacy
Website Terms of Use
Splunk Licensing Terms
Export Control
Modern Slavery Statement
Splunk Patents

© 2005-2022 Splunk Inc. All rights reserved.

Splunk, Splunk>,Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk Inc. in the United States and other countries. All other brand names,product names,or trademarks belong to their respective owners.