Skip to main content

Splunk Training + Certification

Splunk Deployment Practical Lab

Course Description

This 24-hour practical lab exercise is designed to take you through the tasks of a complete mock deployment. Each participant is given access to a specified number of Linux servers and a set of requirements. Participants then perform a mock deployment according to requirements which adhere to Splunk Deployment Methodology and best-practices.

Instructor-led Training Schedule

Prerequisite Knowledge

  • Splunk Fundamentals 1
  • Splunk Fundamentals 2

Or the following single-subject courses:

  • What is Splunk?▪ Intro to Splunk
  • Using Fields▪ Scheduling Reports and Alerts
  • Visualizations▪ Introduction to Knowledge Objects
  • Creating Field Extractions
  • Introduction to Dashboards

Students should also understand the following courses:

  • Splunk Enterprise System Administration
  • Splunk Enterprise Data Administration
  • Architecting Splunk Enterprise Deployments
  • Troubleshooting Splunk Enterprise
  • Splunk Enterprise Cluster Administration

Course Format

Instructor-led lecture with labs. Delivered via virtual classroom or at your site.

Course Objectives

Installation and Infrastructure

  • Install forwarders, indexer, search head, deployment server and license master

Configuration and Collection

  • Configure an index cluster
  • Deploy all specified configurations via deployment server
  • Configure inputs from forwarders
  • Configure and confirm index-time knowledge
  • Create search time fields

Searching and Reporting

  • Create searches for each required use case
  • Get indexer event acknowledgements