Splunk Training: Operational Data Analytics with Splunk (SLK101)
Course Length: 2 days
Delivery Methods:
Available as private class only
Course Overview
This Splunk training course introduces students to the Splunk Operational Data Analytics platform.
Course Benefits
- Splunk components
- Data sources
- SPL
- Forwarders
- Data visualizations
Course Outline
- Splunk Introduction
  - Splunk Defined
  - Splunk Products
  - The Magic Quadrant for Security Information and Event Management (SIEM)
  - Splunk Editions
  - Deployment Options
  - Common Components
  - Splunk Admin Dashboard (Web UI)
  - Events
  - Data Indexing
  - Distributed Splunk Indexing and Searching
  - Architecture for a Multi-Tier Splunk Enterprise Deployment
  - Summary
- Splunk Data Sources
  - Data Source Types
  - The Source Types Automatically Recognized by Splunk
  - The “Pre-trained” Source Types
  - Windows® Data Sources
  - Data Indexing
  - Web UI for Adding Data to Indexer
  - Web UI: Adding Data Flow for Local File Upload
  - Web UI: Add Data for Monitoring
  - Automatic Recognition of Data Source
  - Where is My Uploaded File?
  - Custom Event Format
  - Summary
- Searching and Reporting with Splunk
  - Data Searching
  - The Search Processing Language (SPL)
  - Searching and Reporting Activities
  - The Search Page
  - Core Search Concepts
  - Search Command Auto-Completion
  - The Search Basics
  - Search Command Categories
  - Command Examples
  - More Examples of Search Commands
  - Statistical Commands
  - Statistical and Time Functions
  - From SQL to SPL – the Translation Table
  - Visual Aids for Building Search Queries
  - Visualizations
  - Save Your Searches as Dashboards
  - The Delete Operation
  - How Do I Delete My Data?
  - Summary
- Splunk Forwarders
  - Flavors of Splunk Forwarders
  - Forwarder Comparison Table (Abridged)
  - The Splunk Forwarder Diagram
  - Splunk Universal Forwarder (UF) Supported OSes
  - UF Functions
  - What UF Cannot Do
  - Summary
Class Materials
Each student will receive a comprehensive set of materials, including course notes and all the class examples.
Class Prerequisites
Experience in the following is required for this Hadoop class:
- General knowledge of programming using SQL as well as some experience working in UNIX environments (e.g., running shell commands, etc.).
Live Private Class
- Private Class for your Team
- Live training
- Online or On-location
- Customizable
- Expert Instructors