Implementing Splunk Data Stream Processor (DSP)

Course Description

This 3-day course is designed for the
experienced Splunk administrators who are new to a data stream processing
service. This hands-on class is designed to provide the essential knowledge for
deploying a Splunk DSP cluster, designing DSP pipelines, and managing stream
processing use cases.

Instructor-led Training Schedule

Course Objectives
 

Module 1 – Introduction to DSP

• Review Splunk deployment options and challenges
• Describe the purpose and value of Splunk DSP
• Understand DSP concepts and terminologies

Module 2 – Deploying a DSP Cluster

• List DSP core components and system requirements
• Describe installation steps
• Check DSP service status
• Configure sources and a default Splunk sink

Module 3 – Building Pipelines - Basics

• Describe the basic elements of a DSP pipeline
• Familiarize with the DSP GUI
• Create data pipelines using the DSP canvas UI
• Ingest and process data from REST API sources
• Ingest data from Splunk forwarders
• Filter data from Splunk Firehose and route to multiple sinks

Module 4 – Building Pipelines - Deep Dive

• Manipulate pipeline options:
• Extract
• Transform
• Obfuscate
• Aggregate

Module 5 – Working with 3rd party data feeds

• Read from and write data to Kafka topics
• List input sources supported with the collect service
• Transform data from Kafka and route them to multiple sinks

Module 6 – Monitoring DSP Environment

• Back up DSP pipelines
• Monitor DSP environment
• Upgrade DSP
• Describe steps to isolate DSP service issues