Splunk Enterprise Data Administration (SEDA)

 

Course Overview

This course is designed for administrators who are responsible for getting data into Splunk Indexers. The course provides the fundamental knowledge of Splunk forwarders and methods to get remote data into Splunk indexers. It covers installation, configuration, management, monitoring, and troubleshooting of Splunk forwarders and Splunk Deployment Server components.

Please note that classes may run across three days, consisting of 6 hour sessions each day.

Who should attend

This module is designed for administrators who are responsible for getting data into Splunk Indexers.

Certifications

This course is part of the following Certifications:

Prerequisites

To be successful, students should have a solid understanding of the following modules:

  • Fundamentals 1 (Retired)
  • Fundamentals 2 (recommended) (Retired)

Or the following single-subject modules:

Students should also understand the following module:

  • !Splunk Enterprise System Administration (SESA) (recommended)

Course Objectives

  • Understand sourcetypes
  • Manage and deploy forwarders
  • Configure data inputs
  • File monitors
  • Network inputs (TCP/UDP)
  • Scripted inputs
  • HTTP inputs (via the HTTP Event Collector)
  • Customize the input phase parsing process
  • Define transformations to modify data before indexing
  • Define search time knowledge object configurations

Prices & Delivery methods

Online Training

Duration
18 hours

Price
  • on request
Classroom Training

Duration
18 hours

Price
  • on request

Currently there are no training dates scheduled for this course.