Splunk Enterprise Administration Fundamentals

5 H 31 M

  • Implement Enterprise Splunk for Your Business
    • Course Overview
    • A Condensed History of Splunk
    • Why Splunk Can Change Your World
    • The Components of Splunk
    • Installing Splunk and Sample Data
    • Splunk Licensing
    • The Configuration Directory Structure
    • Configuration Layering and Precedence
    • Using btool to Analyze Configurations
    • Splunk Indexes
    • The Fishbucket
    • Data Retention Policies
    • User and Authentication Management
  • Getting Your Data Into Splunk Effortlessly
    • The Indexing Process Detailed
    • Basic Settings for a Data Input
    • Types of Splunk Forwarders
    • Monitored Inputs
    • Network and Scripted Inputs
    • Agentless Inputs
    • Fine Tuning Inputs
    • Deploy a Splunk Universal Forwarder
    • Using Forwarder Management
    • Configuring Distributed Search
  • Amping Up Splunk with Advanced Admin
    • Understand Parsing
    • Configure and Optimize Event Line Breaking
    • Configure and Optimize Timestamps and Time Zones
    • Use Data Preview To Validate Input
    • Understand Data Transformations in Splunk
    • Transform Data with props.conf and transforms.conf
    • Use SEDCMD to Modify Raw Data
    • Supporting Search Users and Their Knowledge Objects
    • Final Thoughts

Course Overview

1 M


Hi there. My name is Anthony Sequeira here at ACI Learning, and I am thrilled that you are joining me for this exploration of Splunk. Splunk is a technology software package that many in our industry of information technology have heard of, but maybe have not gotten a chance to get their hands on. What Splunk is going to do for us is it's going to ingest all of our text data that is describing things about our organization. How about log files? How about crash reports? Any text data that we utilize to run our business can be ingested in Splunk and then analyzed with ease. In this course, Lauren Deal and myself are going to walk you through how to get your hands on Splunk, how to get data into Splunk, how to perform advanced administrative tasks with a Splunk ecosystem. I am thrilled that you are interested in this important security incident event management or SIEM system called Splunk. And let's get started, as we've got a lot to cover with you.