Splunk (Admin + Dev) Certification Training

✔ Overview
✔ Packages
✔ Components and capabilities
✔ Lab Setup
✔ Basic Linux commands
✔ Installation pre-requisites
✔ Full Package installation
✔ Forwarder installation
✔ Understanding the difference
✔ Bootstrap
✔ Port Change
✔ Uninstallation

✔ Forwarding and Receiving
✔ Testing to default and custom index
✔ Source type and metadata creation
✔ Acknowledgment
✔ TCP ROUTING
✔ Same data to two groups
✔ Load balancing
✔ Discard Historical data
✔ Input filters
✔ Adding Search head component

✔ What is Forwarder Management
✔ Deployment server setup
✔ Deployments clients setup
✔ Troubleshooting & managing

✔ Line breaking
✔ Epoch time
✔ Timestamp extraction
✔ Props and transforms
✔ Log file resizing
✔ GUIDE
✔ Upgradation
✔ Throughput Changes
✔ Queue concept

✔ What is a Heavy forwarder in Splunk
✔ Metadata Override
✔ Discard Garbage data
✔ Anonymize the PS Data
✔ Implementation
✔ Disable Splunk Web

✔ SNMP configuration
✔ Fishbucket configuration
✔ Source type renaming
✔ Dispatch directory size

✔ CSV Extraction
✔ Adding custom time range
✔ Concurrent search quota
✔ Users’ roles and authentication

✔ Storage Size calculation
✔ Index creation
✔ Custom index creation
✔ Indexing Cluster theory
✔ Indexing Cluster Implementation
✔ Multisite Designing
✔ Cluster management
✔ Licensing

✔ Search head cluster
✔ Role of Deployer
✔ Implementation

✔ Internal Log Analysis
✔ Architecture Planning
✔ Troubleshooting
✔ Configuration file Overview

✔ List the major architectural components of Oracle DBA

✔ Explain the memory structures

✔ Describe the background processes

✔ Understanding 12c multitenant architecture

✔ Exploring CDB and PDB databases

✔ Overview
✔ Prerequisites and Installing S-plunk Enterprise
✔ Navigating S-plunk Web
✔ On-boarding data into S-plunk Enterprise

✔ Splunk knowledge objects Overview
✔ Classify and group events
✔ Define and Maintain Event types
✔ Tags creation
✔ Field extractions
✔ Field Extractor
✔ Search-time field extractions
✔ Regular expression overview
✔ Extract fields with search commands
✔ Create custom fields at index time
✔ Overview of Lookups
✔ Usage of Field lookups to add info to your events
✔ Configuring and customizing Lookups
✔ Saved Searches
✔ Splunk CIM Overview and its correlation
✔ Specify Cron Notation

✔ Types of searches
✔ Retrieving events
✔ Specifying time ranges
✔ Using subsearch
✔ Creating statistical tables and charts
✔ Grouping and correlating events
✔ Predicting future events
✔ Common search commands
✔ Best practices in optimizing search
✔ Functions for eval and stats command
✔ Application of the following search commands by category
✔ Correlation
✔ Anomaly Detection
✔ Reporting
✔ Geographic
✔ Prediction and Trending
✔ Search and Sub-search commands
✔ Time commands
✔ Formats for converting strings into time-stamps
✔ Understanding SPL syntax
✔ Usage of Keywords and Boolean operators

✔ Views Overview
✔ Simple XML
✔ Dashboards Overview
✔ Functionalities
✔ Panel creation and customization
✔ Drill down
✔ Employing Queries in Dashboards
✔ Implementing JavaScript and CSS into Dashboards –
✔ Forms Creation –
✔ Form inputs definition –
✔ Macros Overview –
✔ Understanding of Data Models

✔ Alerts Overview
✔ Types of Alerts
✔ Setup Alert actions
✔ Scheduled Alert
✔ Real-time Alert
✔ Custom conditional Alerts
✔ Triggered Alerts
✔ Alert Manager Usage
✔ Alert Functionalities
✔ Alert examples
✔ Alerts via saved search.conf
✔ Usage of Tokens
✔ Troubleshooting Steps

✔ Reporting Overview
✔ Create and Edit Reports
✔ Accelerate Report
✔ Setup Scheduled Reports
✔ Customize Report Formats
✔ Report Functionalities
✔ Report examples
✔ Report via saved search.conf
✔ Usage of Tokens
✔ Troubleshooting Steps

✔ Walk-through over S-plunk Apps
✔ Basic Understanding of App creation