Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Subscribe
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Splunk Enterprise Administration 201 - Data Admin
Rating: 4.2 out of 5(113 ratings)
798 students

Splunk Enterprise Administration 201 - Data Admin

Splunk Data Administration Course | Splunk Admin Certification Exam Prep | Splunk v.9.2
Created byAbleversity Incorporated
Last updated 9/2024
English

What you'll learn

  • Continue your administrator course path with the Ableversity's Data Administration course!
  • How to configure forwards, implement heavy forwarders and gain a strong understanding of forwarder management.
  • Master the parsing phase and leverage data preview to massage your raw data sources. Learn by doing with hands on labs!
  • Getting Data In
  • Configuring Forwarders
  • HF's and Forwarder Management
  • Data Inputs
  • Tuning Inputs
  • Parsing Phase and Data Preview
  • Raw Data and Knowledge Objects

Course content

1 section13 lectures2h 41m total length

  • Getting Data In10:51
  • Getting Data In Demo5:56

    Learn to bring data into Splunk using upload, monitor, and forward options, including cloud sources like s3 and cloudtrail, and monitor local var logs.

  • Configuring Forwarders12:24

    Configure universal and heavy forwarders to send data to Splunk indexers using outputs.conf and inputs.conf, with deployment server management, port 9997, and options like SSL, compression, and load balancing.

  • Configuring Forwarders Demo8:57
  • HFs and Forwarder Management11:28
  • HFs and Forwarder Management Demo9:27

    Configure a Splunk deployment server by creating deployment apps, server classes, and clients; convert a Windows VM into a deployment client, and push the Windows app.

  • Data Inputs17:18
  • Data Inputs Demo7:25
  • Tuning Inputs6:23
  • Parsing Phase and Data Preview22:15

    Master the parsing phase and data preview in Splunk: learn input flow, props.conf based parsing, time extraction, and event boundaries to prepare data for indexing and searching.

  • Parsing Phase and Data Preview Demo22:34

    Explore splitting raw logs into seven events with custom source types and regex-based line breaks in Splunk. Master timestamp extraction, time format, and masking sensitive data using props.conf and Rexx.

  • Raw Data and Knowledge Objects16:23

    Learn to transform raw data with props.conf and transforms.conf, enabling data masking to protect pii and meet hipaa and gdpr requirements, while managing knowledge objects to prevent orphaned items.

  • Raw Data and Knowledge Objects Demo10:27
  • Data Admin Quiz

Requirements

  • Ableversity's Fundamentals 1
  • Ableversity's Fundamentals 2
  • Ableversity's System Administration
  • The above are recommended but not required

Description

Splunk Data Administration: Master the Art of Data Ingestion and Management

Welcome to Ableversity's Splunk Data Administration course, taught by our Principal Instructor, Hailie Shaw, and developed under the expert oversight of Michael Bentley, "The Splunk Doctor," one of the most respected Splunkers in the world.

Why This Course Stands Apart

Data ingestion is the foundation of every successful Splunk deployment, and mastering it requires guidance from true experts. Learning from industry leaders who've configured and optimized countless enterprise data pipelines, you'll gain the sophisticated skills needed to ensure data flows efficiently and accurately into your Splunk environment. This specialized training provides insights and best practices that only come from professionals who've solved complex data challenges at scale.

What You'll Master

Through 7 focused lessons combining expert instruction and hands-on labs, you'll develop complete mastery of Splunk's data ingestion pipeline. From forwarder configuration to data parsing and optimization, you'll learn by doing with practical exercises that build real-world competency.

Master critical data administration concepts including getting data into Splunk, configuring forwarders for optimal performance, implementing and managing heavy forwarders and universal forwarders, tuning data inputs for efficiency, understanding the parsing phase, leveraging data preview to refine raw data sources, and creating knowledge objects from raw data.

Your Path to Certification

This course is specifically designed for the Splunk Enterprise Administration Certification track and follows the official blueprint for the Splunk Enterprise Admin Certification exam offered by PearsonVUE. Our students consistently report passing their certification exams after completing this course, demonstrating the professional-grade training you'll receive.

Please note: The prerequisite certifications for the Splunk Enterprise Admin exam are Splunk Core Certified Power User and Splunk Enterprise Admin.

Join Our Community

Learning doesn't stop when the videos end. Connect with us on LinkedIn, X, and Slack, or visit our website for additional resources and support. We're committed to your success and encourage you to reach out with any questions or concerns. We're here to help you succeed.


Enroll today and master Splunk data administration with the guidance of true industry leaders.

Who this course is for:

  • Intermediate Splunk users looking to cover the Splunk Admin Certification exam topics

Report abuse