- Free Courses
-
Learning Paths
- Courses for Users
- Courses for Splunk Administrators
- Courses for Splunk Cloud Customers
-
Courses for Splunk Architects
- 概要
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Creating Dashboards with Splunk
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Architecting Splunk Enterprise Deployments
- Administering Splunk Enterprise Security
- Courses for App Developers
- Courses for Enterprise Security Administrators
- Courses for Enterprise Security End-Users
- Courses for IT Service Intelligence Administrators
- Courses for IT Service Intelligence End-Users
- Courses for Phantom Customers
-
Certification Tracks
- Splunk Core Certified User
- Splunk Core Certified Power User
- Splunk Enterprise Certified Admin
- Splunk Enterprise Certified Architect
- Splunk Certified Developer
- Splunk Enterprise Security Certified Admin
- Splunk IT Service Intelligence Certified Admin
-
Splunk Core Certified Consultant
- 概要
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Architecting Splunk Enterprise Deployments
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Splunk Enterprise Practical Lab
- Splunk Fundamentals 3
- Creating Dashboards with Splunk
- Advanced Searching and Reporting
-
Courses
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Creating Dashboards with Splunk
- Advanced Dashboards and Visualizations
- Building Splunk Apps
- Splunk for Analytics and Data Science
- Splunk Infrastructure Overview
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Splunk Cloud Administration
- Architecting Splunk Enterprise Deployments
- Splunk Enterprise Practical Lab
- Developing with Splunk's REST API
- Administering Splunk Enterprise Security
- Using Splunk Enterprise Security
- Implementing Splunk IT Service Intelligence
- Using Splunk IT Service Intelligence
- Splunk User Behavior Analytics
- Administering Phantom
- Developing Phantom Playbooks
- Working with Metrics in Splunk
- Implementing Splunk SmartStore
- Splunk Workload Management
-
ビデオ
- All Videos
- Splunk Cloud Tutorial
- Installing Splunk Enterprise on Linux
- Installing Splunk Enterprise on Windows
- Getting Data In to Splunk Enterprise (Linux)
- Getting Data In (Windows)
- Getting Data In with Forwarders
- Basic Search in Splunk Enterprise
- Create a Dashboard in Splunk Enterprise
- Splunk Certification Candidate Journey
- Creating Alerts in Splunk Enterprise
-
- Certification Exams
- Program Guide + FAQ
- Download Fact Sheet
This 3 virtual day course is designed for system administrators who are responsible for getting data into Splunk Indexers. The course provides the fundamental knowledge of Splunk forwarders and methods to get remote data into Splunk indexers. It covers installation, configuration, management, monitoring, and troubleshooting of Splunk forwarders and Splunk Deployment Server components.
Instructor-led Training Schedule
Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk System Administartion
- Deploy forwarders with Forwarder Management
- Splunk Configuration Files
- Configure common Splunk data inputs
- Customize the input parsing process
- Splunk overview
- Identify Splunk data administrator role
- List the four phases of Splunk Index
- List Splunk input options
- Describe the band settings for an input
- Understand the role of production Indexers and Forwarders
- Understand the functionality of Universal Forwarders and Heavy Forwarders
- ConfigureForwarders
- Identify additional Forwarder options
- Explain the use of Forwarder Management
- Describe Splunk Deployment Server
- Manage forwarders using deployment apps
- Configure deployment clients
- Configure client groups
- Monitor forwarder management activities
- Create file and directory monitor inputs
- Use optional settings for monitor inputs
- Deploy a remote monitor input
- Create network (TCP and UDP) inputs
- Describe optional settings for network inputs
- Create a basic scripted input
- Identify Windows input types and uses
- Understand additional options to get data into Splunk
- HTTP Event Collector
- Splunk App for Stream
- Understand the default processing that occurs during input phase
- Configure input phase options, such as sourcetype fine-tuning and character set encoding
- Understand the default processing that occurs during parsing
- Optimize and configure event line breaking
- Explain how timestamps and time zones are extracted or assigned to events
- Use Data Preview to validate event creation during the parsing phase
- Explain how data transformations are defined and invoked
- Use transformations with props.conf and transforms.conf to:
- Mask or delete raw data as it is being indexed
- Override sourcetype or host based upon event values
- Route events to specific indexes based on event content
- Prevent unwanted events from being indexed
- Use SEDCMD to modify raw data
- Create field extractions
- Configure collections for KV Store
- Manage Knowledge Object permissions
- Control automatic field extraction
- Identify Splunk diag
- Using Splunk diag