Course Overview
This course is designed for administrators who are responsible for getting data into Splunk Indexers. The course provides the fundamental knowledge of Splunk forwarders and methods to get remote data into Splunk indexers. It covers installation, configuration, management, monitoring, and troubleshooting of Splunk forwarders and Splunk Deployment Server components.
Please note that classes may run across three days, consisting of 6 hour sessions each day.
Who should attend
- Administrators
Certifications
This course is part of the following Certifications:
Prerequisites
To be successful, students must have completed these Splunk Education course(s) or have equivalent working knowledge:
- Intro to Splunk (ITS)
- Using Fields (SUF)
- Intro to Knowledge Objects (IKO)
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
Additional courses and/or knowledge in these areas are also highly recommended: