Splunk Training + Certification

Transitioning to Splunk Cloud

The newest comprehensive resource from Splunk Training + Certification is here.

Course Description

This 2-virtual day course highlights key differences between Splunk Enterprise
deployed on-premise and Splunk Enterprise Cloud to allow Splunk Administrators to transition to Splunk Cloud.

The course provides the skills and knowledge for Splunk Cloud administrators to collect and ingest data as well as manage their cloud environment and maintain a productive Splunk SaaS deployment. 
 

Instructor-led Training Schedule

Course Prerequisites

Required:
  • Splunk Fundamentals 1
  • Splunk System Administration
  • Splunk Data Administration
Strongly Recommended:
  • Splunk Fundamentals 2

Course Topics

  • Splunk Cloud SaaS
  • User Authentication and Authorization
  • Index Management and Data Retention Cloud Ingestion – Using Splunk Forwarders
  • Cloud Ingestion – Use API, HEC and Scripted Inputs
  • Cloud Ingestion – Using Apps and IDM Inputs
  • Installing and Managing Apps
  • Refine and Manipulate Inputs
  • Working with Cloud Support

Course Objectives
 

Module 1 – Splunk Cloud SaaS
  • Describe Cloud SaaS benefits and features
  • Identify Splunk Cloud administrator managed tasks
  • Explain the differences between Splunk Enterprise on premise and Splunk Enterprise Cloud
Module 2 – User Authentication and Authorization
  • Identify Splunk Cloud authentication options
  • Add Splunk users using native authentication
  • Integrate Splunk with LDAP, Active Directory or SAML
  • Understanding Splunk authorization options
Module 3 – Index Management and Data Retention
  • Understand cloud indexing strategy
  • Create indexes in cloud
  • Manage data retention and archiving
  • Monitor indexing activities
Module 4 – Cloud Ingestion – Using forwarders
  • Review cloud ingestion strategies
  • Understand the role of forwarders in GDI
  • Configure forwarding to Splunk Cloud
  • Monitoring forwarder connectivity
  • Explore optional forwarder settings
Module 5 – Cloud Ingestion – Using API, HEC and Scripted Inputs
  • Understand how data is ingested using API
  • Describe how to use HEC for ingestion
  • Know how to deploy scripted inputs
Module 6 – Cloud Ingestion – Using Apps and IDM Inputs
  • Understand how inputs are managed using in apps or add-ons
  • Describe how customers may use Splunk Stream app
  • Deploy Cloud inputs for use on an IDM
Module 7 – Installing and Managing Apps
  • Understand how apps and add-ons are vetted and installed in Cloud
  • Create apps to managing and distribute configurations
Module 8 – Refine and Manipulate Inputs
  • Create and define props and transforms using the UI
  • Understand how to create, modify and deploy configs in Cloud
  • Masking data and removing data prior to ingestion
  • Dirty data and performance gains
Module 9 – Cloud Support and Troubleshooting
  • Troubleshooting Splunk deployments
  • Collecting data and use diagnostics or monitoring to investigate
  • Explore diagnostic tools used to troubleshoot common issues
  • Overview of how to submit request with the relevant data for support to troubleshoot