Splunkのトレーニング + 認定
Splunk Enterprise Data Administration
- 無料コース
-
ラーニングパス
- ユーザー向けコース
- Splunk 管理者向けコース
- Splunk Cloud お客様向けコース
-
Splunk アーキテクト向けコース
- 概要
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Creating Dashboards with Splunk
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Architecting Splunk Enterprise Deployments
- Administering Splunk Enterprise Security
- アプリケーション開発者向けコース
- Enterprise Security 管理者向けコース
- Enterprise Security エンドユーザー向けコース
- IT Service Intelligence 管理者向けコース
- IT Service Intelligence エンドユーザー向けコース
- Phantom のお客様向けコース
-
認定トラック
- Splunk Core Certified User
- Splunk Core Certified Power User
- Splunk Enterprise Certified Architect
- Splunk Enterprise Certified Admin
- Splunk Certified Developer
- Splunk Enterprise Security Certified Admin
- Splunk IT Service Intelligence Certified Admin
-
Splunk Core Certified Consultant
- 概要
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Architecting Splunk Enterprise Deployments
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Splunk Enterprise Practical Lab
- Creating Dashboards with Splunk
- Advanced Searching and Reporting
-
コース
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Creating Dashboards with Splunk
- Advanced Dashboards and Visualizations
- Building Splunk Apps
- Splunk for Analytics and Data Science
- Splunk Infastructure Overview
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Splunk Cloud Administration
- Architecting Splunk Enterprise Deployments
- Splunk Deployment Practical Lab
- Developing with Splunk's REST API
- Administering Splunk Enterprise Security
- Using Splunk Enterprise Security
- Implementing Splunk IT Service Intelligence
- Using Splunk IT Service Intelligence
- Splunk User Behavior Analytics
- Administering Phantom
- Working with Metrics in Splunk
- Developing Phantom Playbooks
- Implementing Splunk SmartStore
- Splunk Workload Management
-
ビデオ
- All Videos
- Splunk Cloud Tutorial
- Installing Splunk Enterprise on Linux
- Installing Splunk Enterprise on Windows
- Getting Data In to Splunk Enterprise (Linux)
- Getting Data In (Windows)
- Getting Data In with Forwarders
- Basic Search in Splunk Enterprise
- Create a Dashboard in Splunk Enterprise
- Splunk Certification Candidate Journey
- Creating Alerts in Splunk Enterprise
- Program Guide + FAQ
-
- ファクトシートをダウンロード
Course Description
This 3 virtual day course is designed for system administrators who are responsible for getting data into Splunk Indexers. The course provides the fundamental knowledge of Splunk forwarders and methods to get remote data into Splunk indexers. It covers installation, configuration, management, monitoring, and troubleshooting of Splunk forwarders and Splunk Deployment Server components.
Instructor-led Training Schedule
Course Prerequisites
Required:
Splunk Fundamentals 1
Strongly Recommended:
- Splunk Fundamentals 2
- Splunk System Administartion
Course Topics
- Deploy forwarders with Forwarder Management
- Splunk Configuration Files
- Configure common Splunk data inputs
- Customize the input parsing process
Course Objectives
Module 1 -Introduction to Data Administration
- Splunk overview
- Identify Splunk data administrator role
Module 2 - Getting Data In - Staging
- List the four phases of Splunk Index
- List Splunk input options
- Describe the band settings for an input
Module 3 - Configuring Forwarders
- Understand the role of production Indexers and Forwarders
- Understand the functionality of Universal Forwarders and Heavy Forwarders
- ConfigureForwarders
- Identify additional Forwarder options
Module 4 - Forwarder Management
- Explain the use of Forwarder Management
- Describe Splunk Deployment Server
- Manage forwarders using deployment apps
- Configure deployment clients
- Configure client groups
- Monitor forwarder management activities
Module 5 - Monitor Inputs
- Create file and directory monitor inputs
- Use optional settings for monitor inputs
- Deploy a remote monitor input
Module 6 - Network and Scripted Inputs
- Create network (TCP and UDP) inputs
- Describe optional settings for network inputs
- Create a basic scripted input
Module 7 - Agentless Inputs
- Identify Windows input types and uses
- Understand additional options to get data into Splunk
- HTTP Event Collector
- Splunk App for Stream
Module 8 - Fine Tuning Inputs
- Understand the default processing that occurs during input phase
- Configure input phase options, such as sourcetype fine-tuning and character set encoding
Module 9 - Parsing Phase and Data
- Understand the default processing that occurs during parsing
- Optimize and configure event line breaking
- Explain how timestamps and time zones are extracted or assigned to events
- Use Data Preview to validate event creation during the parsing phase
Module 10 - Manipulating Raw Data
- Explain how data transformations are defined and invoked
- Use transformations with props.conf and transforms.conf to:
- Mask or delete raw data as it is being indexed
- Override sourcetype or host based upon event values
- Route events to specific indexes based on event content
- Prevent unwanted events from being indexed
- Use SEDCMD to modify raw data
Module 11 - Supporting Knowledge Objects
- Create field extractions
- Configure collections for KV Store
- Manage Knowledge Object permissions
- Control automatic field extraction
Module 12 - Creating a Diag
- Identify Splunk diag
- Using Splunk diag