Splunk Enterprise 6 : Administration Bootcamp

Prepare to configure and manage Splunk.
2.1 (5 ratings)
45 students enrolled
  • Lectures 10
  • Length 1.5 hours
  • Skill Level Intermediate Level
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion

About This Course

Published 4/2016 English

Course Description

Course: Splunk 6 Administration Bootcamp

Benefits: After completing this course you will be able to set up Splunk Enterprise and manage and administer a Splunk deployment.

Delivery: Online

Agenda: This course prepares system and security administrators to configure and manage Splunk. Topics include installation, configuring data inputs and forwarders, data management, user accounts, licenses, and troubleshooting and monitoring. The focus in this class is the knowledge, best practices, and configuration details for Splunk administration in a medium to large distributed deployment environment.

Target Audience: System Administrators, Security Administrators, Security Analysts, Data Analysts

Pre-Requisites : Knowledge of Using Splunk, Splunk Searching & Reporting, Splunk Knowledge Objects; Windows & Linux/Unix OS Administration

Lab Guide : Included

Lab Access : Not Included

What are the requirements?

  • Using Splunk
  • Splunk Search & Reporting
  • Splunk Knowledge Objects

What am I going to get from this course?

  • Explore typical Splunk installations
  • Install apps and technology add-ons
  • Learn common methods of data input
  • Describe Splunk forwarders’ role in data inputs
  • Describe default processing and learn to apply typical modifications
  • Learn how Splunk determines configuration file precedence
  • Manage Splunk data stores

Who is the target audience?

  • System Administrators
  • Security Administrators
  • Security Analysts
  • System Analysts
  • Data Analysts


Section 1: Course Introduction

Course Overview, Objectives, Benefits and Goals. Target Audience. Prerequisites.

Section 2: Setting up Splunk and Getting Data into Splunk to Analyze

• Identify Splunk instance types

• Describe the Splunk installation options and process

• Identify Splunk hardware requirements

• List steps to install Splunk

• Perform post-installation configuration tasks

• Start, stop, and restart Splunk


• Identify the types of data you can index

• Explain how Splunk uses source types

• Identify the primary methods used to configure data inputs

• Install and configure Splunk apps

• Add Unix and Windows inputs using an app


• Identify the types of data you can index

• Describe the basic settings for an input

• Configure a file monitor input with Splunk Web

• Configure a network input

Section 3: Splunk Administration Topics

• List Splunk forwarder types

• Install a universal forwarder

• Configure the forwarder to connect to an indexer

• Test the forwarder connection

• Describe optional forwarder settings


• Describe what Splunk Deployment Server is

• Explain the use of Forwarder Management

• Configure forwarders to be deployment clients

• Deploy apps using Forwarder Management

Data Processing

• Understand config file precedence and layering

• Understand how precedence affects index time and search time processing

• Modify Splunk default values for a given config file

• Use the Splunk best practice to disable automatic functionality

• Use btool to analyze and troubleshoot config files


• Understand what indexes are

• Learn why and when to use multiple indexes

• Apply a data retention policy

• Learn how data moves through indexes

• Describe index directory structures and buckets

• Store cold buckets on separate disks

• Set up indexes

• Describe backup strategies


• Describe user roles in Splunk

• Create a custom role


Instructor Biography

Security Skills Hub, Information Security Training

Information Security organization focusing on enabling skills and competency in the domain of Information Security across multiple practices including Governance, Risk Management, Compliance Management, Identity and Access Management, Data Security, Application Security, SAP Security, Managed Security Services, Infrastructure Security and Device Management.

Our mission and vision is to bring hands-on training in the domain of Information Security tools and technologies to every individual wanting to make a career in this domain by making it more affordable, self intuitive and tailored to the skills required.
