Buying for a Team? Gift This Course
Wishlisted Wishlist

Please confirm that you want to add Splunk Enterprise 6 : Administration Bootcamp to your Wishlist.

Add to Wishlist

Splunk Enterprise 6 : Administration Bootcamp

Prepare to configure and manage Splunk.
2.1 (5 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
49 students enrolled
Last updated 4/2016
$15 $100 85% off
30-Day Money-Back Guarantee
  • 1.5 hours on-demand video
  • 12 Supplemental Resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Have a coupon?

Course: Splunk 6 Administration Bootcamp

Benefits : After completing this course you will be able to setup Splunk Enterprise and manage & administer a Splunk deployment.

Delivery: Online

Agenda : This course prepares System & Security administrators to configure and manage Splunk. Topics include installation, configuring data inputs and forwarders, data management, user accounts, licenses,and troubleshooting and monitoring. The focus in this class is the
knowledge, best practices, and configuration details for Splunk administration in a medium to large distributed deployment environment.

Target Audience: System Administrators, Security Administrators, Security Analysts, Data Analysts

Pre-Requisites : Knowledge of Using Splunk, Splunk Searching & Reporting, Splunk Knowledge Objects; Windows & Linux/Unix OS Administration

Lab Guide : Included

Lab Access : Not Included

Who is the target audience?
  • System Administrators
  • Security Administrators
  • Security Analysts
  • System Analysts
  • Data Analysts
Students Who Viewed This Course Also Viewed
What Will I Learn?
Explore typical Splunk installations
Install apps and technology add-ons
Learn common methods of data input
Describe Splunk forwarders’ role in data inputs
Describe default processing and learn to apply typical modifications
Learn how Splunk determines configuration file precedence
Manage Splunk data stores
View Curriculum
  • Using Splunk
  • Splunk Search & Reporting
  • Splunk Knowledge Objects
Curriculum For This Course
Expand All 10 Lectures Collapse All 10 Lectures 01:23:14
Course Introduction
1 Lecture 02:03

Course Overview, Objectives, Benefits and Goals. Target Audience. Prerequisites.

Preview 02:03
Setting up Splunk and Getting Data into Splunk to Analyze
3 Lectures 25:07

• Identify Splunk instance types

• Describe the Splunk installation options and process

• Identify Splunk hardware requirements

• List steps to install Splunk

• Perform post-installation configuration tasks

• Start, stop, and restart Splunk

Preview 10:29

Identify the types of data you can index

Explain how Splunk uses source types

Identify the primary methods used to configure data inputs

Install and configure Splunk apps

Add Unix and Windows inputs using an app

Getting Data in with Apps

Identify the types of data you can index

Describe the basic settings for an input

Configure a file monitor input with Splunk Web

Configure a network input

Getting Data in Manually
Splunk Administration Topics
6 Lectures 56:04

• List Splunk forwarder types

• Install a universal forwarder

• Configure the forwarder to connect to an indexer

• Test the forwarder connection

• Describe optional forwarder settings


• Describe what Splunk Deployment Server is

• Explain the use of Forwarder Management

• Configure forwarders to be deployment clients

• Deploy apps using Forwarder Management

Forwarder Management

Data Processing

• Understand config file precedence and layering

• Understand how precedence affects index time and search time processing

• Modify Splunk default values for a given config file

• Use the Splunk best practice to disable automatic functionality

• Use btool to analyze and troubleshoot config files

Config Precedence

Understand what indexes are

Learn why and when to use multiple indexes

Apply a data retention policy

Learn how data moves through indexes

Describe index directory structures and buckets

Store cold buckets on separate disks

Set up indexes

Describe back up strategies

Splunk's Data Store

Describe user roles in Splunk

Create a custom role

Users, Roles and Authentication along with Sample Data Set for Lab Exercises .
About the Instructor
3.7 Average rating
120 Reviews
3,853 Students
13 Courses
Information Security Training

Information Security organization focusing on enabling skills and competency in the domain of Information Security across multiple practices including Governance, Risk Management, Compliance Management, Identity and Access Management, data Security, Application Security, SAP Security, Managed Security Services, Infrastructure Security and Device Management.

Our mission and vision is to bring hands on training on training in the domain of Information Security tools and technologies to every individual wanting to make a career in this domain by making it more affordable, self intuitive and tailored to the skills required.

Report Abuse