Splunk Training + Certification
Troubleshooting Splunk Enterprise
- Free Courses
-
Learning Paths
- Courses for Users
-
Courses for Splunk Administrators
- Overview
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Implementing Splunk SmartStore
- Splunk Workload Management
- Working with Metrics in Splunk
- Implementing Splunk Data Fabric Search (DFS)
- Implementing Splunk Data Stream Processor (DSP)
- Courses for Splunk Cloud Customers
-
Courses for Splunk Architects
- Overview
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Creating Dashboards with Splunk
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Architecting Splunk Enterprise Deployments
- Courses for App Developers
-
Courses for Enterprise Security Administrators
- Overview
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Creating Dashboards with Splunk
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Architecting Splunk Enterprise Deployments
- Administering Splunk Enterprise Security
- Courses for Enterprise Security End-Users
- Courses for IT Service Intelligence Administrators
- Courses for IT Service Intelligence End-Users
- Courses for Phantom Customers
- Courses for SignalFx Customers
-
Certification Tracks
- Splunk Core Certified User
- Splunk Core Certified Power User
- Splunk Core Certified Advanced Power User
- Splunk Enterprise Certified Admin
- Splunk Enterprise Certified Architect
- Splunk Certified Developer
- Splunk Enterprise Security Certified Admin
- Splunk IT Service Intelligence Certified Admin
-
Splunk Core Certified Consultant
- Overview
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Architecting Splunk Enterprise Deployments
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Splunk Deployment Practical Lab
- Splunk Fundamentals 3
- Creating Dashboards with Splunk
- Advanced Searching and Reporting
- Core Consultant Labs
- Services Core Implementation
- Splunk Phantom Certified Admin
-
Courses
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Creating Dashboards with Splunk
- Advanced Dashboards and Visualizations
- Building Splunk Apps
- Splunk for Analytics and Data Science
- Splunk Infrastructure Overview
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Splunk Cloud Administration
- Architecting Splunk Enterprise Deployments
- Working with Metrics in Splunk
- Implementing Splunk SmartStore
- Splunk Workload Management
- Splunk Deployment Practical Lab
- Implementing Splunk Data Stream Processor (DSP)
- Developing with Splunk's REST API
- Administering Splunk Enterprise Security
- Using Splunk Enterprise Security
- Implementing Splunk IT Service Intelligence
- Using Splunk IT Service Intelligence
- Splunk User Behavior Analytics
- Administering Phantom
- Developing Phantom Playbooks
- Advanced Phantom Implementation
- SignalFx Fundamentals Series (eLearning)
- Infrastructure Monitoring Using SignalFx
- Using SignalFx to Monitor Microservices-based Applications
- Automation Using the SignalFx API
- Sending Custom Metrics to SignalFx
- Advanced Monitoring of Microservices Applications Using SignalFx
- Implementing Splunk Data Fabric Search (DFS)
- Services Core Implementation
- Core Consultant Labs
-
Videos
- All Videos
- Splunk Cloud Tutorial
- Installing Splunk Enterprise on Linux
- Installing Splunk Enterprise on Windows
- Getting Data In to Splunk Enterprise (Linux)
- Getting Data In (Windows)
- Getting Data In with Forwarders
- Basic Search in Splunk Enterprise
- Create a Dashboard in Splunk Enterprise
- Splunk Certification Candidate Journey
- Creating Alerts in Splunk Enterprise
-
- Program Guide + FAQ
- Download Fact Sheet
Course Description
This 2-virtual day course is designed for Splunk administrators. It covers topics and techniques for troubleshooting a standard Splunk distributed deployment using the tools available on Splunk Enterprise 6.6.
It is a lab-oriented class designed to help you gain troubleshooting experience before attending more advanced courses. You will debug a distributed Splunk Enterprise environment using the live system and simulated case logs.
This course does not cover the issues surrounding Splunk Cloud, Splunk Clusters, or Splunk premium apps.
Instructor-led Training Schedule
Course Prerequisites
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Data Administration
- Splunk System Administration
Course Topics
- Splunk Support Model
- Splunk Troubleshooting Methods and Tools
- Clarifying the ProblemInstallation, Licensing, and Crash Problems
- UI and Search Problems
- Configuration Problems
- Deployment Problems
- User Management Problems
Course Objectives
Module 1 – Splunk Support Model
- Splunk support resources
Module 2 – Splunk Troubleshooting Methods and Tools
- Splunk troubleshooting approach
- Splunk diagnostic resources and tools
Module 3 – Clarifying the Problem
- Splunk deployment topology
- Index-time pipeline
- Metrics.log
Module 4 – Installation, Licensing, and Crash Problems
- Installation issues
- License issues
- Crash issues
Module 5 – Configuration Problems
- Input issues
- Monitoring console
Module 6 – Search Problems
- Search issues
- Job inspector
Module 7 – Deployment Problems
- Forwarding issues
- Deployment server issues
Module 8 – User Management Problems
- Splunk users and role capabilities
- Directory integration issues