Splunk Enterprise Data Administration (SEDA)

 

Course Overview

This course is designed for administrators who are responsible for getting data into Splunk Indexers. The course provides the fundamental knowledge of Splunk forwarders and methods to get remote data into Splunk indexers. It covers installation, configuration, management, monitoring, and troubleshooting of Splunk forwarders and Splunk Deployment Server components.

Please note that classes may run across three days, consisting of 6 hour sessions each day.

Who should attend

This module is designed for administrators who are responsible for getting data into Splunk Indexers.

Certifications

This course is part of the following Certifications:

Prerequisites

To be successful, students should have a solid understanding of the following modules:

  • Fundamentals 1 (Retired)
  • Fundamentals 2 (recommended) (Retired)

Or the following single-subject modules:

Students should also understand the following module:

  • !Splunk Enterprise System Administration (SESA) (recommended)

Course Objectives

  • Understand sourcetypes
  • Manage and deploy forwarders
  • Configure data inputs
  • File monitors
  • Network inputs (TCP/UDP)
  • Scripted inputs
  • HTTP inputs (via the HTTP Event Collector)
  • Customize the input phase parsing process
  • Define transformations to modify data before indexing
  • Define search time knowledge object configurations

Prix & Delivery methods

Formation en ligne

Durée
18 heures

Prix
  • sur demande
Formation en salle équipée

Durée
18 heures

Prix
  • sur demande

Actuellement aucune session planifiée