Course Description

This 24-hour practical lab exercise takes you through the tasks of a complete mock deployment. Each participant is given access to a specified number of Linux servers and a set of requirements. Participants then perform a mock deployment according to requirements that adhere to Splunk Deployment Methodology and best practices.

Course Prerequisites

  • Splunk Fundamentals 1 
  • Splunk Fundamentals 2
  • Splunk System Administration
  • Splunk Data Administration
  • Architecting Splunk Enterprise Deployments
  • Troubleshooting Splunk Enterprise
  • Splunk Enterprise Cluster Administration

 

Course Objectives

Installation and Infrastructure

  • Install forwarders, indexers, search head, deployment server and license master

Configuration and Collection

  • Configure an index cluster
  • Deploy all specified configurations via deployment server
  • Configure inputs from forwarders
  • Configure and confirm index-time knowledge
  • Create search-time field extractions

Searching and Reporting

  • Create searches for each required use case