Splunk Enterprise Architect Fast Start

Splunk Enterprise Architect Fast StartARCH-FTSPSplunkSP-ARCH-FT1.0At the end of this course, you should be able to : <ul> <li>Understand Splunk Troubleshooting Methods and Tools</li><li>Index Problems</li><li>Input Configuration Problems</li><li>Understand Deployment Problems</li><li>Understand License, Upgrade, and User Management Problems</li><li>Understand Search Management Problems</li><li>User Search Problems</li><li>Understand the Splunk Support Model and its resources</li><li>Identify the best practices for troubleshooting Splunk Enterprise</li><li>List ways to gather useful Splunk diagnostic information</li><li>Use Splunk diagnostic tools</li><li>Identify common Splunk technical issues and solve them</li><li>Understand Requirements definition</li><li>Understand Index and resource planning</li><li>Understand Cluster</li><li>Understand Forwarder and Deployment</li><li>Integration</li><li>Understand Performance Monitoring and Tuning</li><li>Understand Large-scale Splunk Deployment</li><li>Understand Single-site Indexer Cluster</li><li>Understand Indexer Cluster Management and Administration</li><li>Understand Forwarder Configuration</li><li>Understand Search Head Cluster</li><li>Understand Search Head Cluster Management and Administration</li><li>Understand KV Store Collection and Lookup Management</li><li>Understand SmartStore Implementation</li></ul>Splunk Core Certified Power User AND Splunk Enterprise Certified Admin. Hard pre-req: The three ILTs in this path PLUS the Splunk Enterprise Practical Lab.Splunk administrators Eexperienced Splunk Enterprise administrator who is new to Splunk Clusters<h4>Troubleshooting Splunk Enterprise</h4> Module 1 – Splunk Troubleshooting Methods and Tools <ul> <li>Describe the Splunk Troubleshooting Approach</li><li>List Splunk Diagnostic Resources and Tools</li><li>Create and Splunk a Diag</li><li>Use RapidDiag</li></ul>Module 2 – Indexing Problems <ul> <li>Discover Splunk Deployment Topology and its Server Roles</li><li>Identify Where to Check the Index-Time Pipeline Status</li><li>Use the metrics.log to Clarify the Index-Time Problem</li></ul>Module 3 – Input Configuration Problems <ul> <li>Data Input Issues</li><li>Troubleshooting Inputs with the Monitoring Console</li></ul>Module 4 – Deployment and Forwarder Problems <ul> <li>Deployment Server Issues</li><li>Forwarding and Receiving Issues</li></ul>Module 5 – License, Upgrade, and User Management Problems <ul> <li>Installation Issues</li><li>Upgrade Considerations</li><li>Splunk Licensing Issues</li><li>Splunk Roles and User Management Issues</li></ul>Module 6 – Search Head Management Problems <ul> <li>Troubleshoot Distributed Search Issues</li><li>Identify Job Scheduling Problems</li><li>Learn to Diagnose Crashing Problems</li><li>Describe How to Prioritize Resources for Critical Splunk Processes</li></ul>Module 7 – User Search Problems <ul> <li>Identify the Types of Search Problems</li><li>Isolate and Troubleshoot Search Problems</li></ul><h5>Splunk Enterprise Cluster Administration</h5> Module 1 – Splunk Troubleshooting Methods and Tools <ul> <li>Deployment Design Factors</li><li>How Splunk Enterprise can scale</li><li>Splunk License Master</li><li>Splunk 9.0 Security</li></ul>Module 2 – Single-site Indexer Cluster <ul> <li>How Splunk Single-Site Indexer Clusters Work</li><li>Indexer Cluster Components and Terms</li><li>Splunk single-site Indexer Cluster Configuration</li><li>Splunk Indexer Cluster Log Channels</li></ul>Module 3 – Multisite Indexer Cluster <ul> <li>How Splunk Multisite Indexer Clusters Work</li><li>Multisite Indexer Cluster Terms</li><li>Multisite Indexer Cluster Configuration</li><li>Optional Multisite Indexer Cluster Configurations</li></ul>Module 4 – Indexer Cluster Management and Administration <ul> <li>Peer Offline and Decommission</li><li>Master App Bundles</li><li>Indexer Cluster Storage Utilization Options</li><li>Site Mapping</li><li>Monitoring Console for Indexer Cluster Environment</li><li>Cluster Manager Redundancy</li></ul>Module 5 – Forwarder Management <ul> <li>Indexer Discovery</li><li>Optional Indexer Discovery Configurations</li><li>Volume-Based Forwarder Load Balancing</li></ul>Module 6 – Search Head Cluster <ul> <li>Search Head Cluster Architecture</li><li>Search Head Cluster Configuration</li><li>Captaincy Identification and Cluster Status</li><li>Search Head Cluster Settings</li></ul>Module 7 – Search Head Cluster Management <ul> <li>Search Head Cluster Deployer</li><li>Captaincy Transfer</li><li>Search Head Member Addition and Decommissioning</li><li>Monitoring Console for Search Head Cluster</li></ul>Module 8 – KV Store Collection and Lookup Management <ul> <li>KV Store Collection in Splunk Clusters</li><li>KV Store Monitoring with Monitoring Console</li></ul>Module 9 – Introduction to Smart Store <ul> <li>SmartStore Deployment Use Cases</li><li>SmartStore Architecture Overview</li><li>Enable SmartStore in Indexer Cluster</li><li>Monitor SmartStore Status</li></ul><h4>Architecting Splunk Enterprise Deployments</h4> Module 1 – Introduction <ul> <li>Overview of the Splunk deployment planning process and associated tools</li></ul>Module 2 – Project Requirements <ul> <li>Identify critical information about environment, volume, users, and requirements</li><li>Review checklists and resources to aid in collecting requirements</li></ul>Module 3 – Infrastructure Planning: Index Design <ul> <li>Design and size indexes</li><li>Estimate storage requirements</li><li>Identify relevant apps</li></ul> Module 4 – Infrastructure Planning: Resource Planning <ul> <li>List sizing factors for servers</li><li>Describe how reference hardware is used to scale deployments</li><li>Identify the impact of clustering for index replication and for search heads</li></ul>Module 5- Clustering Overview <ul> <li>Describe the different clustering capabilities</li><li>Introduce the concepts of indexer and search head clustering</li></ul>Module 6 - Forwarder and Deployment Best Practices <ul> <li>Review types of forwarders</li><li>Describe how to manage forwarder installation</li><li>Review configuration management for all Splunk components, using Splunk deployment tools</li><li>Provide best practices for a Splunk deployment</li></ul>Module 7 - Integration <ul> <li>Describe integration methods</li><li>Identify common integration points</li></ul>Module 8 – Performance Monitoring and Tuning <ul> <li>Use the Monitoring Console to track the performance of your test environment</li><li>List options to fine tune performance for production environment</li></ul>Module 9 – Use Cases <ul> <li>Provide example architecture topologies</li><li>Discuss different architecture options based on use case</li></ul><h4>Troubleshooting Splunk Enterprise</h4> Module 1 – Splunk Troubleshooting Methods and Tools <ul> <li>Describe the Splunk Troubleshooting Approach</li><li>List Splunk Diagnostic Resources and Tools</li><li>Create and Splunk a Diag</li><li>Use RapidDiag</li></ul>Module 2 – Indexing Problems <ul> <li>Discover Splunk Deployment Topology and its Server Roles</li><li>Identify Where to Check the Index-Time Pipeline Status</li><li>Use the metrics.log to Clarify the Index-Time Problem</li></ul>Module 3 – Input Configuration Problems <ul> <li>Data Input Issues</li><li>Troubleshooting Inputs with the Monitoring Console</li></ul>Module 4 – Deployment and Forwarder Problems <ul> <li>Deployment Server Issues</li><li>Forwarding and Receiving Issues</li></ul>Module 5 – License, Upgrade, and User Management Problems <ul> <li>Installation Issues</li><li>Upgrade Considerations</li><li>Splunk Licensing Issues</li><li>Splunk Roles and User Management Issues</li></ul>Module 6 – Search Head Management Problems <ul> <li>Troubleshoot Distributed Search Issues</li><li>Identify Job Scheduling Problems</li><li>Learn to Diagnose Crashing Problems</li><li>Describe How to Prioritize Resources for Critical Splunk Processes</li></ul>Module 7 – User Search Problems <ul> <li>Identify the Types of Search Problems</li><li>Isolate and Troubleshoot Search Problems</li></ul><h5>Splunk Enterprise Cluster Administration</h5> Module 1 – Splunk Troubleshooting Methods and Tools <ul> <li>Deployment Design Factors</li><li>How Splunk Enterprise can scale</li><li>Splunk License Master</li><li>Splunk 9.0 Security</li></ul>Module 2 – Single-site Indexer Cluster <ul> <li>How Splunk Single-Site Indexer Clusters Work</li><li>Indexer Cluster Components and Terms</li><li>Splunk single-site Indexer Cluster Configuration</li><li>Splunk Indexer Cluster Log Channels</li></ul>Module 3 – Multisite Indexer Cluster <ul> <li>How Splunk Multisite Indexer Clusters Work</li><li>Multisite Indexer Cluster Terms</li><li>Multisite Indexer Cluster Configuration</li><li>Optional Multisite Indexer Cluster Configurations</li></ul>Module 4 – Indexer Cluster Management and Administration <ul> <li>Peer Offline and Decommission</li><li>Master App Bundles</li><li>Indexer Cluster Storage Utilization Options</li><li>Site Mapping</li><li>Monitoring Console for Indexer Cluster Environment</li><li>Cluster Manager Redundancy</li></ul>Module 5 – Forwarder Management <ul> <li>Indexer Discovery</li><li>Optional Indexer Discovery Configurations</li><li>Volume-Based Forwarder Load Balancing</li></ul>Module 6 – Search Head Cluster <ul> <li>Search Head Cluster Architecture</li><li>Search Head Cluster Configuration</li><li>Captaincy Identification and Cluster Status</li><li>Search Head Cluster Settings</li></ul>Module 7 – Search Head Cluster Management <ul> <li>Search Head Cluster Deployer</li><li>Captaincy Transfer</li><li>Search Head Member Addition and Decommissioning</li><li>Monitoring Console for Search Head Cluster</li></ul>Module 8 – KV Store Collection and Lookup Management <ul> <li>KV Store Collection in Splunk Clusters</li><li>KV Store Monitoring with Monitoring Console</li></ul>Module 9 – Introduction to Smart Store <ul> <li>SmartStore Deployment Use Cases</li><li>SmartStore Architecture Overview</li><li>Enable SmartStore in Indexer Cluster</li><li>Monitor SmartStore Status</li></ul><h4>Architecting Splunk Enterprise Deployments</h4> Module 1 – Introduction <ul> <li>Overview of the Splunk deployment planning process and associated tools</li></ul>Module 2 – Project Requirements <ul> <li>Identify critical information about environment, volume, users, and requirements</li><li>Review checklists and resources to aid in collecting requirements</li></ul>Module 3 – Infrastructure Planning: Index Design <ul> <li>Design and size indexes</li><li>Estimate storage requirements</li><li>Identify relevant apps</li></ul> Module 4 – Infrastructure Planning: Resource Planning <ul> <li>List sizing factors for servers</li><li>Describe how reference hardware is used to scale deployments</li><li>Identify the impact of clustering for index replication and for search heads</li></ul>Module 5- Clustering Overview <ul> <li>Describe the different clustering capabilities</li><li>Introduce the concepts of indexer and search head clustering</li></ul>Module 6 - Forwarder and Deployment Best Practices <ul> <li>Review types of forwarders</li><li>Describe how to manage forwarder installation</li><li>Review configuration management for all Splunk components, using Splunk deployment tools</li><li>Provide best practices for a Splunk deployment</li></ul>Module 7 - Integration <ul> <li>Describe integration methods</li><li>Identify common integration points</li></ul>Module 8 – Performance Monitoring and Tuning <ul> <li>Use the Monitoring Console to track the performance of your test environment</li><li>List options to fine tune performance for production environment</li></ul>Module 9 – Use Cases <ul> <li>Provide example architecture topologies</li><li>Discuss different architecture options based on use case</li></ul>At the end of this course, you should be able to : - Understand Splunk Troubleshooting Methods and Tools - Index Problems - Input Configuration Problems - Understand Deployment Problems - Understand License, Upgrade, and User Management Problems - Understand Search Management Problems - User Search Problems - Understand the Splunk Support Model and its resources - Identify the best practices for troubleshooting Splunk Enterprise - List ways to gather useful Splunk diagnostic information - Use Splunk diagnostic tools - Identify common Splunk technical issues and solve them - Understand Requirements definition - Understand Index and resource planning - Understand Cluster - Understand Forwarder and Deployment - Integration - Understand Performance Monitoring and Tuning - Understand Large-scale Splunk Deployment - Understand Single-site Indexer Cluster - Understand Indexer Cluster Management and Administration - Understand Forwarder Configuration - Understand Search Head Cluster - Understand Search Head Cluster Management and Administration - Understand KV Store Collection and Lookup Management - Understand SmartStore ImplementationSplunk Core Certified Power User AND Splunk Enterprise Certified Admin. Hard pre-req: The three ILTs in this path PLUS the Splunk Enterprise Practical Lab.Splunk administrators Eexperienced Splunk Enterprise administrator who is new to Splunk ClustersTroubleshooting Splunk Enterprise Module 1 – Splunk Troubleshooting Methods and Tools - Describe the Splunk Troubleshooting Approach - List Splunk Diagnostic Resources and Tools - Create and Splunk a Diag - Use RapidDiag Module 2 – Indexing Problems - Discover Splunk Deployment Topology and its Server Roles - Identify Where to Check the Index-Time Pipeline Status - Use the metrics.log to Clarify the Index-Time Problem Module 3 – Input Configuration Problems - Data Input Issues - Troubleshooting Inputs with the Monitoring Console Module 4 – Deployment and Forwarder Problems - Deployment Server Issues - Forwarding and Receiving Issues Module 5 – License, Upgrade, and User Management Problems - Installation Issues - Upgrade Considerations - Splunk Licensing Issues - Splunk Roles and User Management Issues Module 6 – Search Head Management Problems - Troubleshoot Distributed Search Issues - Identify Job Scheduling Problems - Learn to Diagnose Crashing Problems - Describe How to Prioritize Resources for Critical Splunk Processes Module 7 – User Search Problems - Identify the Types of Search Problems - Isolate and Troubleshoot Search Problems Splunk Enterprise Cluster Administration Module 1 – Splunk Troubleshooting Methods and Tools - Deployment Design Factors - How Splunk Enterprise can scale - Splunk License Master - Splunk 9.0 Security Module 2 – Single-site Indexer Cluster - How Splunk Single-Site Indexer Clusters Work - Indexer Cluster Components and Terms - Splunk single-site Indexer Cluster Configuration - Splunk Indexer Cluster Log Channels Module 3 – Multisite Indexer Cluster - How Splunk Multisite Indexer Clusters Work - Multisite Indexer Cluster Terms - Multisite Indexer Cluster Configuration - Optional Multisite Indexer Cluster Configurations Module 4 – Indexer Cluster Management and Administration - Peer Offline and Decommission - Master App Bundles - Indexer Cluster Storage Utilization Options - Site Mapping - Monitoring Console for Indexer Cluster Environment - Cluster Manager Redundancy Module 5 – Forwarder Management - Indexer Discovery - Optional Indexer Discovery Configurations - Volume-Based Forwarder Load Balancing Module 6 – Search Head Cluster - Search Head Cluster Architecture - Search Head Cluster Configuration - Captaincy Identification and Cluster Status - Search Head Cluster Settings Module 7 – Search Head Cluster Management - Search Head Cluster Deployer - Captaincy Transfer - Search Head Member Addition and Decommissioning - Monitoring Console for Search Head Cluster Module 8 – KV Store Collection and Lookup Management - KV Store Collection in Splunk Clusters - KV Store Monitoring with Monitoring Console Module 9 – Introduction to Smart Store - SmartStore Deployment Use Cases - SmartStore Architecture Overview - Enable SmartStore in Indexer Cluster - Monitor SmartStore Status Architecting Splunk Enterprise Deployments Module 1 – Introduction - Overview of the Splunk deployment planning process and associated tools Module 2 – Project Requirements - Identify critical information about environment, volume, users, and requirements - Review checklists and resources to aid in collecting requirements Module 3 – Infrastructure Planning: Index Design - Design and size indexes - Estimate storage requirements - Identify relevant apps Module 4 – Infrastructure Planning: Resource Planning - List sizing factors for servers - Describe how reference hardware is used to scale deployments - Identify the impact of clustering for index replication and for search heads Module 5- Clustering Overview - Describe the different clustering capabilities - Introduce the concepts of indexer and search head clustering Module 6 - Forwarder and Deployment Best Practices - Review types of forwarders - Describe how to manage forwarder installation - Review configuration management for all Splunk components, using Splunk deployment tools - Provide best practices for a Splunk deployment Module 7 - Integration - Describe integration methods - Identify common integration points Module 8 – Performance Monitoring and Tuning - Use the Monitoring Console to track the performance of your test environment - List options to fine tune performance for production environment Module 9 – Use Cases - Provide example architecture topologies - Discuss different architecture options based on use caseTroubleshooting Splunk Enterprise Module 1 – Splunk Troubleshooting Methods and Tools - Describe the Splunk Troubleshooting Approach - List Splunk Diagnostic Resources and Tools - Create and Splunk a Diag - Use RapidDiag Module 2 – Indexing Problems - Discover Splunk Deployment Topology and its Server Roles - Identify Where to Check the Index-Time Pipeline Status - Use the metrics.log to Clarify the Index-Time Problem Module 3 – Input Configuration Problems - Data Input Issues - Troubleshooting Inputs with the Monitoring Console Module 4 – Deployment and Forwarder Problems - Deployment Server Issues - Forwarding and Receiving Issues Module 5 – License, Upgrade, and User Management Problems - Installation Issues - Upgrade Considerations - Splunk Licensing Issues - Splunk Roles and User Management Issues Module 6 – Search Head Management Problems - Troubleshoot Distributed Search Issues - Identify Job Scheduling Problems - Learn to Diagnose Crashing Problems - Describe How to Prioritize Resources for Critical Splunk Processes Module 7 – User Search Problems - Identify the Types of Search Problems - Isolate and Troubleshoot Search Problems Splunk Enterprise Cluster Administration Module 1 – Splunk Troubleshooting Methods and Tools - Deployment Design Factors - How Splunk Enterprise can scale - Splunk License Master - Splunk 9.0 Security Module 2 – Single-site Indexer Cluster - How Splunk Single-Site Indexer Clusters Work - Indexer Cluster Components and Terms - Splunk single-site Indexer Cluster Configuration - Splunk Indexer Cluster Log Channels Module 3 – Multisite Indexer Cluster - How Splunk Multisite Indexer Clusters Work - Multisite Indexer Cluster Terms - Multisite Indexer Cluster Configuration - Optional Multisite Indexer Cluster Configurations Module 4 – Indexer Cluster Management and Administration - Peer Offline and Decommission - Master App Bundles - Indexer Cluster Storage Utilization Options - Site Mapping - Monitoring Console for Indexer Cluster Environment - Cluster Manager Redundancy Module 5 – Forwarder Management - Indexer Discovery - Optional Indexer Discovery Configurations - Volume-Based Forwarder Load Balancing Module 6 – Search Head Cluster - Search Head Cluster Architecture - Search Head Cluster Configuration - Captaincy Identification and Cluster Status - Search Head Cluster Settings Module 7 – Search Head Cluster Management - Search Head Cluster Deployer - Captaincy Transfer - Search Head Member Addition and Decommissioning - Monitoring Console for Search Head Cluster Module 8 – KV Store Collection and Lookup Management - KV Store Collection in Splunk Clusters - KV Store Monitoring with Monitoring Console Module 9 – Introduction to Smart Store - SmartStore Deployment Use Cases - SmartStore Architecture Overview - Enable SmartStore in Indexer Cluster - Monitor SmartStore Status Architecting Splunk Enterprise Deployments Module 1 – Introduction - Overview of the Splunk deployment planning process and associated tools Module 2 – Project Requirements - Identify critical information about environment, volume, users, and requirements - Review checklists and resources to aid in collecting requirements Module 3 – Infrastructure Planning: Index Design - Design and size indexes - Estimate storage requirements - Identify relevant apps Module 4 – Infrastructure Planning: Resource Planning - List sizing factors for servers - Describe how reference hardware is used to scale deployments - Identify the impact of clustering for index replication and for search heads Module 5- Clustering Overview - Describe the different clustering capabilities - Introduce the concepts of indexer and search head clustering Module 6 - Forwarder and Deployment Best Practices - Review types of forwarders - Describe how to manage forwarder installation - Review configuration management for all Splunk components, using Splunk deployment tools - Provide best practices for a Splunk deployment Module 7 - Integration - Describe integration methods - Identify common integration points Module 8 – Performance Monitoring and Tuning - Use the Monitoring Console to track the performance of your test environment - List options to fine tune performance for production environment Module 9 – Use Cases - Provide example architecture topologies - Discuss different architecture options based on use case5 jours4000.004000.004000.004000.003335.004000.004000.004000.004000.004000.004400.00400.00400.00400.00400.00400.00