Splunk
  • Training
  • Support
    • Support Portal
    • Support Programs
    • Contact Support
    • Splunk Answers
    • Documentation
    • Product Security Updates
    • Using Splunk Software
    • Community Support
    • Splunk Services
    • Deutsch
    • Español
    • Français
    • Italiano
    • 日本語
    • 한국어
    • Português
    • Pусский
    • 简体中文
    • 繁體中文
    • Login
    • Sign Up
Splunk
  • IT
  • SECURITY
  • IoT
  • BUSINESS ANALYTICS
  • WHY SPLUNK?
  • EXPLORE
    Products | Overview
    CORE
    • Splunk Cloud
    • Splunk Enterprise
    • Splunk Light
    IT OPERATIONS
    • Splunk IT Service Intelligence
    • Splunk Insights for AWS Cloud Monitoring
    • Splunk App for Infrastructure
    • VictorOps
    SECURITY
    • Splunk Enterprise Security
    • Splunk Phantom
    • Splunk User Behavior Analytics
    • Splunk Insights for Ransomware
    IoT
    • Splunk for Industrial IoT
    BUSINESS ANALYTICS
    • Splunk Business Flow
    Industries
    • Communications
    • Financial Services
    • Healthcare
    • Public Sector
    • All Industries
    Company
    • About Splunk
    • Customers
    • Partners
    • Splunk Next
    • Trek-Segafredo Partnership
    • Pricing
    • Value Calculator
    • Blogs
    • Free Trials and Downloads
  • Free Splunk
Splunk Free Splunk
Login | Sign Up
IT
SECURITY
IoT
BUSINESS ANALYTICS
WHY SPLUNK?
Products
Overview
  • CORE
  • Splunk Cloud
  • Splunk Enterprise
  • Splunk Light
  • IT OPERATIONS
  • Splunk IT Service Intelligence
  • Splunk Insights for AWS Cloud Monitoring
  • Splunk App for Infrastructure
  • VictorOps
  • SECURITY
  • Splunk Enterprise Security
  • Splunk Phantom
  • Splunk User Behavior Analytics
  • Splunk Insights for Ransomware
  • IoT
  • Splunk for Industrial IoT
  • BUSINESS ANALYTICS
  • Splunk Business Flow
Industries
  • Communications
  • Financial Services
  • Healthcare
  • Public Sector
  • All Industries
Company
  • About Splunk
  • Customers
  • Partners
  • Splunk Next
  • Trek-Segafredo Partnership
Pricing
Value Calculator
Blogs
Free Trials and Downloads
Training
Support
  • Support Portal
  • Support Programs
  • Contact Support
  • Splunk Answers
  • Documentation
  • Product Security Updates
  • Using Splunk Software
  • Community Support
  • Splunk Services
Languages
  • Deutsch
  • Español
  • Français
  • Italiano
  • 日本語
  • 한국어
  • Português
  • Pусский
  • 简体中文
  • 繁體中文
Splunk Training + Certification

Splunk Enterprise System Administration

Training + Certification
  • Free Courses
    • Free Splunk Fundamentals 1
    • Splunk User Behavior Analytics
    • Splunk Infrastructure Overview
    • Overview
  • Learning Paths
    • Courses for Users
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
      • Splunk Fundamentals 3
      • Creating Dashboards with Splunk
      • Advanced Dashboards and Visualizations
      • Advanced Searching and Reporting
      • Splunk for Analytics and Data Science
      • Splunk Infrastructure Overview
    • Courses for Splunk Administrators
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
      • Splunk Enterprise System Administration
      • Splunk Enterprise Data Administration
      • Troubleshooting Splunk Enterprise
      • Splunk Enterprise Cluster Administration
      • Implementing Splunk SmartStore
      • Splunk Workload Management
      • Working with Metrics in Splunk
    • Courses for Splunk Cloud Customers
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
      • Creating Dashboards with Splunk
      • Splunk Fundamentals 3
      • Advanced Searching and Reporting
      • Splunk for Analytics and Data Science
      • Splunk Cloud Administration
    • Courses for Splunk Architects
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
      • Creating Dashboards with Splunk
      • Splunk Fundamentals 3
      • Advanced Searching and Reporting
      • Splunk Enterprise System Administration
      • Splunk Enterprise Data Administration
      • Troubleshooting Splunk Enterprise
      • Splunk Enterprise Cluster Administration
      • Architecting Splunk Enterprise Deployments
      • Administering Splunk Enterprise Security
    • Courses for App Developers
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
      • Creating Dashboards with Splunk
      • Splunk Fundamentals 3
      • Advanced Searching and Reporting
      • Advanced Dashboards and Visualizations
      • Building Splunk Apps
      • Developing with Splunk's REST API
    • Courses for Enterprise Security Administrators
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
      • Creating Dashboards with Splunk
      • Splunk Fundamentals 3
      • Advanced Searching and Reporting
      • Splunk Enterprise System Administration
      • Splunk Enterprise Data Administration
      • Architecting Splunk Enterprise Deployments
      • Administering Splunk Enterprise Security
    • Courses for Enterprise Security End-Users
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
      • Splunk Fundamentals 3
      • Advanced Searching and Reporting
      • Using Splunk Enterprise Security
    • Courses for IT Service Intelligence Administrators
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
      • Creating Dashboards with Splunk
      • Splunk Fundamentals 3
      • Advanced Searching and Reporting
      • Splunk Enterprise System Administration
      • Splunk Enterprise Data Administration
      • Implementing Splunk IT Service Intelligence
    • Courses for IT Service Intelligence End-Users
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
      • Creating Dashboards with Splunk
      • Splunk Fundamentals 3
      • Advanced Searching and Reporting
      • Using Splunk IT Service Intelligence
    • Courses for Phantom Customers
      • Overview
      • Administering Phantom
      • Developing Phantom Playbooks
  • Certification Tracks
    • Splunk Core Certified User
      • Overview
      • Splunk Fundamentals 1
    • Splunk Core Certified Power User
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
    • Splunk Enterprise Certified Admin
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
      • Splunk Enterprise System Administration
      • Splunk Enterprise Data Administration
    • Splunk Enterprise Certified Architect
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
      • Splunk Enterprise System Administration
      • Splunk Enterprise Data Administration
      • Architecting Splunk Enterprise Deployments
      • Troubleshooting Splunk Enterprise
      • Splunk Enterprise Cluster Administration
      • Splunk Enterprise Practical Lab
    • Splunk Certified Developer
      • Overview
      • Creating Dashboards with Splunk
      • Advanced Dashboards and Visualizations
      • Building Splunk Apps
      • Developing with Splunk's REST API
    • Splunk Enterprise Security Certified Admin
      • Overview
      • Splunk Enterprise System Administration
      • Splunk Enterprise Data Administration
      • Splunk Cloud Administration
      • Administering Splunk Enterprise Security
    • Splunk IT Service Intelligence Certified Admin
      • Overview
      • Splunk Enterprise System Administration
      • Splunk Enterprise Data Administration
      • Splunk Cloud Administration
      • Implementing Splunk IT Service Intelligence
    • Splunk Core Certified Consultant
      • Overview
      • Splunk Fundamentals 1
      • Splunk Fundamentals 2
      • Splunk Enterprise System Administration
      • Splunk Enterprise Data Administration
      • Architecting Splunk Enterprise Deployments
      • Troubleshooting Splunk Enterprise
      • Splunk Enterprise Cluster Administration
      • Splunk Enterprise Practical Lab
      • Splunk Fundamentals 3
      • Creating Dashboards with Splunk
      • Advanced Searching and Reporting
  • Courses
    • Splunk Fundamentals 1
    • Splunk Fundamentals 2
    • Splunk Fundamentals 3
    • Advanced Searching and Reporting
    • Creating Dashboards with Splunk
    • Advanced Dashboards and Visualizations
    • Building Splunk Apps
    • Splunk for Analytics and Data Science
    • Splunk Infrastructure Overview
    • Splunk Enterprise System Administration
    • Splunk Enterprise Data Administration
    • Troubleshooting Splunk Enterprise
    • Splunk Enterprise Cluster Administration
    • Splunk Cloud Administration
    • Architecting Splunk Enterprise Deployments
    • Splunk Enterprise Practical Lab
    • Developing with Splunk's REST API
    • Administering Splunk Enterprise Security
    • Using Splunk Enterprise Security
    • Implementing Splunk IT Service Intelligence
    • Using Splunk IT Service Intelligence
    • Splunk User Behavior Analytics
    • Administering Phantom
    • Developing Phantom Playbooks
    • Working with Metrics in Splunk
    • Implementing Splunk SmartStore
    • Splunk Workload Management
  • Videos
    • All Videos
    • Splunk Cloud Tutorial
    • Installing Splunk Enterprise on Linux
    • Installing Splunk Enterprise on Windows
    • Getting Data In to Splunk Enterprise (Linux)
    • Getting Data In (Windows)
    • Getting Data In with Forwarders
    • Basic Search in Splunk Enterprise
    • Create a Dashboard in Splunk Enterprise
    • Splunk Certification Candidate Journey
    • Creating Alerts in Splunk Enterprise
  • Certification Exams
  • Program Guide + FAQ
  • Download Fact Sheet
View My Training Profile
Course Description

This 2 virtual day course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides the fundamental knowledge of Splunk license manager, indexers and search heads. It covers configuration, management, and monitoring core Splunk Enterprise components.

Download Course Description
Instructor-led Training Schedule
View Schedule

Course Prerequisites

Required:

  • Splunk Fundamentals 1
Strongly Recommended:
 
  •  Splunk Fundamentals 2

 

Course Topics

  • Splunk Deployment Overview
  • License Management
  • Splunk Apps
  • Splunk Configuration Files
  • Users, Roles, and Authentication
  • Getting Data In
  • Distributed Search
  • Introduction to Splunk Clusters
Course Objectives

Module 1 - Splunk Developer Overview

  • Splunk overview
  • Identify Splunk components
  • Identify Splunk system administrator role

Module 2 - License Management

  • Identify license types
  • Describe license violations
  • Add and remove licenses

Module 3 -  Splunk Apps

  • Describe Splunk apps and add-ons
  • Install an app on a Splunk instance
  • Manage app accessibility and permissions

Module 4 - Splunk Configuration Files

  • Describe Splunk configuration directory structure
  • Understand configuration layering process
  • Use btool to examine configuration settings

Module 5 - Splunk Indexes

  • Describe index structure
  • List types of index buckets
  • Create new indexes
  • Monitor indexes with Monitoring Console

Module 6 - Search Head Cluster

  • Apply a data retention policy
  • Backup data on indexers
  • Delete data from an index
  • Restore frozen data

Module 7 - Splunk User Management

  • Describe user roles in Splunk
  • Create a custom role
  • Add Splunk users

Module 8 - Splunk Authentication Management

  • Integrate Splunk with LDAP
  • List other user authentication options
  • Describe the steps to enable Multifactor Authentication in Splunk

Module 9 - Getting Data In

  • Describe the basic settings for an input
  • List Splunk forwarder types
  • Configure the forwarder
  • Add an input to UF using CLI

Module 10 - Distributed Search

  • Describe how distributed search works
  • Explain the roles of the search head and search peers
  • Configure a distributed search group
  • List search head scaling options

 

 

 

 

 

This Website Uses Cookies
We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here »
Yes, I Accept
PRODUCTS
  • Splunk Cloud
  • Splunk Enterprise
  • Splunk Light
  • Splunk IT Service Intelligence
  • Splunk Insights for AWS Cloud Monitoring
  • Splunk App for Infrastructure
  • VictorOps
  • Splunk Enterprise Security
  • Splunk Phantom
  • Splunk User Behavior Analysis
  • Splunk Insights for Ransomware
  • Splunk for Industrial IoT
  • Splunk Business Flow
PRICING
CALCULATORS
  • Splunk Value Calculator
  • Critical IT Incident Calculator
FREE TRIALS AND DOWNLOADS
SOLUTIONS
  • IT
  • Security
  • IoT
  • Business Analytics
STRATEGY AND BUSINESS INSIGHTS
  • AI Ops
  • Machine Learning
  • Data Insider
  • More...
INDUSTRIES
  • Communications
  • Financial Services
  • Healthcare
  • Higher Education
  • Manufacturing
  • Public Sector
  • Retail
  • Online Services
  • More...
CUSTOMERS
RESOURCES
  • E-books
  • Recorded Webinars
  • Videos
  • White Papers
  • More...
PARTNERS
  • Become a Partner
  • Partner Login
  • More...
SUPPORT
  • Support Portal
  • Contact Support
  • Splunk Services
  • Support Programs
TRAINING
ABOUT SPLUNK
  • Careers
  • Events
  • Leadership Team
  • Locations
  • Newsroom
  • Splunk for Good
  • Splunk Protects
  • More...
CONNECT WITH SPLUNK
  • Support
  • Partners
  • Sales
SPLUNK SITES
  • Splunk Answers
  • Blogs
  • Community
  • .conf
  • Developers
  • Documentation
  • Splunkbase
  • SplunkLive!
  • T-shirt Store
  • User Groups
Splunk
Sitemap | Contact | Careers | Privacy | Terms of Use | Export Control | Modern Slavery Statement
© 2005-2019 Splunk Inc. All rights reserved.
Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2019 Splunk Inc. All rights reserved.