Splunk 2020 - Beginner to Architect
4.5 (724 ratings)
4,449 students enrolled

All in One Course in Mastering Splunk
Highest Rated
Created by Zeal Vora
Last updated 3/2020
English
Price: $34.99
This course includes
  • 11 hours on-demand video
  • 15 articles
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What you'll learn
  • Build Highly Available Clustering Architectures
  • Design and Create Dashboards to detect anomalies
  • Implementing Splunk in Docker Containers
  • Troubleshooting and Industry Best Practices in Managing Splunk
Requirements
  • Computer with Internet Connection
Description

Splunk 2019 - Beginner to Architect is a course designed specifically for beginners who want to master Splunk.

This course starts from the ground up and builds a solid foundation in Splunk step by step, so that you can master writing SPL queries, building dashboards, distributed Splunk architectures, and building a highly available clustered setup for Splunk.

With plenty of practical exercises, easy-to-understand videos, and great support from our instructor in case of doubts, this course is all you need to build a solid foundation in Splunk.

Who this course is for:
  • Individuals who are looking to build a solid foundation in Splunk.
Course content
97 lectures 10:54:07
+ Getting Started
2 lectures 02:40
Download Links - Tutorial Data, Samples and Logs
00:00
+ Introduction to Splunk & Setting Up Labs
15 lectures 01:00:26
Introduction to Splunk
06:50
Note - Installation Process
00:18
Introduction to Docker Containers - New
11:01
Installing Docker
06:26
Installing Docker in Linux
02:37
Document - Linux Installation Commands
00:02
Installing Splunk - Docker Approach
06:16
Installation Manual - Docker and RPM
00:17
Data Persistence for Container Volumes
07:26
Important Pointer for Docker in Windows
03:15
Document - Persistent Docker Volume
00:08
Splunk Licensing Model
04:56
Splunk Developer 10GB License
02:35
Importing License into Splunk
02:02
+ Getting started with Splunk
15 lectures 02:02:10
Importing Data to Splunk
12:03
Sample Tutorial Logs
00:01
Security Use-Case - Finding Attack Vectors
14:45
Search Processing Language (SPL)
18:35
Splunk Search Assistant
04:24
Splunk Report - Email Clarification (Followup)
01:22
Understanding Add-Ons and Apps
12:42
Splunk Add-On for AWS
10:14
Splunk App for AWS
11:29
Overview of Dashboards and Panels
07:41
Building Dashboard Inputs - Time Range Picker
07:29
Building Dashboard Inputs - Text Box
05:34
Building Dashboard Inputs - Drop down
05:48
Building Dashboard Inputs - Dynamic DropDown
03:24
+ Splunk Architecture
10 lectures 01:30:42
Directory Structure of Splunk
10:48
Splunk Configuration Directories
11:44
Splunk Configuration Precedence
06:09
Splunk Configuration Precedence - Apps and Locals
04:05
Introduction to Indexes
12:36
Bucket Lifecycle
17:19
Warm to Cold Bucket Migration
07:28
Archiving Data to Frozen Path
08:14
Thawing Process
06:21
Splunk Workflow Actions
05:58
+ Forwarder & User Management
9 lectures 01:07:32
Overview of Universal Forwarders
04:49
Installing Universal Forwarder in Linux
14:47
Installation Manual - Splunk Universal Forwarder
00:03
Challenges in Forwarder Management
06:57
Introduction to Deployment Server
08:43
ServerClass and Deployment Apps
11:27
Creating Custom Add-Ons for deployment
11:51
Pushing Splunk Linux Add-On via Deployment Server
08:54
Understanding Scripted Monitoring inputs
00:00
+ Post Installation Activities
13 lectures 01:37:46
Understanding Regular Expressions
15:49
Regex - Exercise
00:07
Parsing Web Server Logs & Named Group Expression
10:05
Sample - Web Server Logs
00:03
Importance of Source Types
07:41
Interactive Field Extractor (IFX)
05:50
props.conf and transforms.conf
16:43
Sample Log - MySQL Error Logs
00:00
Splunk Event Types
06:15
Tags
06:53
Splunk Events Types Priority and Coloring Scheme
07:12
Splunk Lookups
13:51
Splunk Alerts
07:17
+ Security Primer
2 lectures 21:17
Access Control
10:26
Creating Custom Roles & Capabilities
10:51
+ Distributed Splunk Architecture
8 lectures 45:45
Overview of Distributed Splunk Architecture
07:14
Understanding License Master
05:06
Implementing License Master
05:43
License Pools
06:12
Indexer
04:51
Masking Sensitive Data at Index Time
06:17
Search Head
03:50
Splunk Monitoring Console
06:32
+ Indexer Clustering
11 lectures 01:12:09
Overview of Indexer Clustering
04:19
Deploying Infrastructure for Indexer Cluster
07:18
Document - Deploying Indexer Cluster Docker Containers
00:11
Master Indexer
07:45
Peer Indexers
06:21
Testing Replication and Failover capabilities
09:29
Configuration Bundle
10:32
Configuration Bundle - Part 02
04:37
Forwarding Logs to Indexer Cluster
11:34
Indexer Discovery
10:02
Indexer Discovery - Document
00:01
+ Search Head Clustering
8 lectures 37:58
Overview of Search Head Clusters
03:50
Deploying Infrastructure for Search Head Cluster
06:43
Configuring Cluster Setup on Search Heads
12:00
Search Head Clustering Setup - Document
00:12
Validating Search Head Replication
02:18
Pushing Artifacts through Deployer
06:50
Connecting Search Head Cluster to Indexer Cluster
06:02
SH to IDX Cluster Document
00:02