Services Core Implementation

Services Core ImplementationSCISPSplunkSP-SCI1.0Topic 1 – Deploying Splunk <ul> <li>Introduce the Splunk Validated Architectures</li><li>Review how Splunk can grow from a standalone environment to a distributed environment with indexer and search head clustering</li><li>Explain High Availability and Disaster Recovery</li><li>Discuss migrating Splunk from on-premises to the Cloud</li><li>Lab 0: Grade Me</li></ul> Topic 2 – Monitoring Console <ul> <li>Discuss the best instance to configure as the Monitoring Console</li><li>Configure the MC for a single or distributed environment</li><li>Examine how the MC uses the server roles and groups assigned to instances</li><li>Discuss health checks and how they are run</li><li>Lab 1 - Discovery</li></ul> Topic 3 – Configuration Management <ul> <li>Define deployment apps</li><li>Provide overview of Deployment Server</li><li>Describe deployment system configuration</li><li>Discuss how to manage Deployment Server at scale</li><li>Lab 5: Scale DS</li></ul> Topic 4 – Access & Roles <ul> <li>Discuss how to manage Deployment Server at scale</li><li>Identify authentication methods</li><li>Describe LDAP concepts and configuration</li><li>Discuss SAML and SSO options</li><li>Define roles and how they are used to protect data</li><li>Lab 2: LDAP Integration</li></ul> Topic 5 – Data Collection <ul> <li>Examine Splunk to Splunk (S2S) communication and the different ways data is sent from forwarder to indexer</li><li>Describe the types and configuration of data inputs</li><li>Discuss ways to troubleshoot data inputs</li><li>Lab 3: Triage broken forwarder</li></ul> Topic 6 – Indexing <ul> <li>Review indexing artifacts and locations</li><li>Discuss event processing and data pipelines</li><li>Understand the underlying text parsing and indexing process</li><li>Examine data retention controls</li><li>Lab 4: Triage indexing issue</li></ul> Topic 7 – Search <ul> <li>Examine the inter-workings of a search</li><li>Discuss how to use search job inspection</li><li>Look at the different search types and how to maximize search efficiency</li><li>Review sub-searches and how they work</li><li>Examine some example searches and how to make them more efficient</li></ul> Topic 8 – Index Clustering <ul> <li>Provide an architecture overview</li><li>Describe deployment and component configuration</li><li>Review upgrade strategy</li><li>Discuss data buckets and lifecycle</li><li>Examine failure modes and recovery processes</li><li>Introduce multi-site clustering</li><li>Understand migration procedures</li><li>Lab 6: Upgrade Index Cluster</li><li>Lab 7: Expand Cluster & Migrate Indexer data</li></ul> Topic 9 – Search Head Clustering <ul> <li>Provide overview of Search Head clustering</li><li>Explain how to manage and deploy a cluster</li><li>Describe content management using the Deployer</li><li>Review the role of cluster members and the Captain</li><li>Lab 8 – Install SHC</li></ul> Appendix A – REST API <ul> <li>Define the Splunk REST API</li><li>Discuss requests, endpoints, and namespaces</li><li>Examine tools and methods for using the API</li></ul><ul> <li>Splunk Certified Architect +</li></ul><ul> <li>Splunk architecture</li><li>Monitoring Console</li><li>Deployment Server</li><li>LDAP integration</li><li>Collecting and forwarding data</li><li>Indexing and Searching</li><li>Clustering indexers</li><li>Clustering Search Heads</li></ul>Topic 1 – Deploying Splunk - Introduce the Splunk Validated Architectures - Review how Splunk can grow from a standalone environment to a distributed environment with indexer and search head clustering - Explain High Availability and Disaster Recovery - Discuss migrating Splunk from on-premises to the Cloud - Lab 0: Grade Me Topic 2 – Monitoring Console - Discuss the best instance to configure as the Monitoring Console - Configure the MC for a single or distributed environment - Examine how the MC uses the server roles and groups assigned to instances - Discuss health checks and how they are run - Lab 1 - Discovery Topic 3 – Configuration Management - Define deployment apps - Provide overview of Deployment Server - Describe deployment system configuration - Discuss how to manage Deployment Server at scale - Lab 5: Scale DS Topic 4 – Access & Roles - Discuss how to manage Deployment Server at scale - Identify authentication methods - Describe LDAP concepts and configuration - Discuss SAML and SSO options - Define roles and how they are used to protect data - Lab 2: LDAP Integration Topic 5 – Data Collection - Examine Splunk to Splunk (S2S) communication and the different ways data is sent from forwarder to indexer - Describe the types and configuration of data inputs - Discuss ways to troubleshoot data inputs - Lab 3: Triage broken forwarder Topic 6 – Indexing - Review indexing artifacts and locations - Discuss event processing and data pipelines - Understand the underlying text parsing and indexing process - Examine data retention controls - Lab 4: Triage indexing issue Topic 7 – Search - Examine the inter-workings of a search - Discuss how to use search job inspection - Look at the different search types and how to maximize search efficiency - Review sub-searches and how they work - Examine some example searches and how to make them more efficient Topic 8 – Index Clustering - Provide an architecture overview - Describe deployment and component configuration - Review upgrade strategy - Discuss data buckets and lifecycle - Examine failure modes and recovery processes - Introduce multi-site clustering - Understand migration procedures - Lab 6: Upgrade Index Cluster - Lab 7: Expand Cluster & Migrate Indexer data Topic 9 – Search Head Clustering - Provide overview of Search Head clustering - Explain how to manage and deploy a cluster - Describe content management using the Deployer - Review the role of cluster members and the Captain - Lab 8 – Install SHC Appendix A – REST API - Define the Splunk REST API - Discuss requests, endpoints, and namespaces - Examine tools and methods for using the API- Splunk Certified Architect +- Splunk architecture - Monitoring Console - Deployment Server - LDAP integration - Collecting and forwarding data - Indexing and Searching - Clustering indexers - Clustering Search Heads5 jours4000.004000.004000.004000.004000.004000.004000.004000.00400.00400.00400.00400.00