Prerequisites
To apply for the Splunk Training in Bangalore, note the following:
- There are no specific prerequisites to take up the Splunk Training at HKR.
- However, knowing Data Analytics concepts is an added advantage and makes Splunk easier to learn.
Course Curriculum
Module 1: Splunk development basics
- Splunk Overview
- Why use Splunk?
- Splunk developer roles and responsibilities
Module 2: Basic searching
- Creating a search query in Splunk
- Use auto-complete to create a search
- Time span
- Filter your search
- Event Management
- Recognizing the search’s contents
- Managing a search job
Module 3: Fields in searches
- What is a Field
- How to use Fields in search
- Deploying Fields Sidebar and Field Extractor for REGEX field extraction
- Delimiting Field Extraction using FX
Module 4: Saving and scheduling searches
- Writing Splunk queries for search
- Sharing and saving searches
- Scheduling and exporting search results
Module 5: Scheduled reports
- Describing the reports
- Configuring the reports
Module 6: Creating alerts
- How to create alerts
- Understanding alerts
- Viewing fired alerts
Module 7: Tags and event types
- Introduction to Tags in Splunk
- Deploying Tags for Splunk search
- Understanding event types and utility
- Generating and implementing event types in search
Module 8: Creating the macros
- Macro Overview
- What are variables and arguments in Macros
Module 9: Workflow
- Create get, post, and search workflow options
Module 10: Splunk search commands
- Studying the search command
- The general search practices
- What is a search pipeline
- How to specify indexes in search
- Highlighting the syntax
- Deploying the various search commands like fields, tables, sort, rename, rex and erex
Module 11: Transforming and reporting commands
- Use top, rare and stats commands
- Using the following commands and their functions: addcoltotals, addtotals, top, rare and stats
Module 12: Mapping and single-value commands
- iplocation, geostats, geom and addtotals commands
Module 13: Splunk reports and Visualization
- Explore the available visualizations
- Create charts and time charts
- Omit null values and format results
Module 14: Analyzing, calculating and formatting results
- Calculating and analyzing results
- Value conversion
- Roundoff and format values
- Using the eval command
- Conditional statements
- Filtering calculated search results
Module 15: Correlating events
- How to search the transactions
- Creating report on transactions
- Grouping events using time and fields
- Comparing transactions with stats
Module 16: Data lookups
- Learning data lookups
- Examples and lookup tables
- Defining and configuring automatic lookups
- Deploying lookups in reports and searches
Module 17: Creating reports and dashboards
- Creating search charts, reports and dashboards
- Editing reports and dashboards
- Adding reports to dashboards
Module 18: Parsing
- Working with raw data for data extraction, transformation, parsing and preview
Module 19: Pivot
- Describe pivot
- Relationship between data model and pivot
- Select a data model object
- Create a pivot report
- Create instant pivot from a search
- Add a pivot report to dashboard
Module 20: Common Information Model (CIM)
- Splunk CIM Overview
- Utilizing the CIM Add-On to normalize data
Section 2: Splunk Administration Course Curriculum
Module 1: Splunk Overview
- Introduction to the architecture of Splunk
- Various server settings
- How to set up alerts
- Various types of licenses
- Important features of Splunk tool
- The requirements of hardware and conditions needed for installation of Splunk
Module 2: Splunk Installation
- How to install and configure Splunk
- The creation of index
- Standalone server’s input configuration
- The preferences for search
- Linux environment Splunk installation
- The administering and architecting of Splunk
Module 3: Splunk Installation in Linux
- How to install Splunk in the Linux environment
- The conditions needed for Splunk
- Configuring Splunk in the Linux environment
Module 4: Distributed management console
- Splunk distributed management console
- Indexing of clusters
- How to deploy distributed search in Splunk environment
- Forwarder management
- User authentication and access control
Module 6: Splunk Indexes and uses
- Index time configuration file
- The search time configuration file
Module 5: Splunk App
- Introduction to the Splunk app
- How to develop Splunk apps
- Splunk app management
- Splunk app add-ons
- Using Splunk-base for installation and deletion of apps
- Different app permissions and implementation
- How to use the Splunk app
- Apps on forwarder
Module 7: Splunk Configuration files
- Understanding of Index time and search time configuration files in Splunk
- Forwarder installation
- Input and output configuration
- Universal Forwarder management
- Splunk Universal Forwarder highlights
Module 8: Splunk Deployment Management
- Implementing the Splunk tool
- Deploying it on the server
- Splunk environment setup
- Splunk client group deployment
Module 9: Splunk Indexes
- Understanding the Splunk Indexes
- The default Splunk Indexes
- Segregating the Splunk Indexes
- Learning Splunk Buckets and Bucket Classification
- Estimating Index storage
- Creating new Index
Module 10: User roles and authentication
- Exploring the concept of role inheritance
- Splunk authentications
- Native authentications
- LDAP authentications
Module 11: Splunk Administration environment
- Splunk installation, configuration
- Data inputs
- App management
- Splunk important concepts
- Parsing machine-generated data
- Search indexer and forwarder
Module 12: Production environment
- Splunk Configuration Files
- Exploring the Universal Forwarder and Forwarder Management
- Understanding management, troubleshooting and monitoring
Module 13: Splunk Search engine
- Converting machine-generated data into operational intelligence
- Setting up the dashboard, reports and charts
- Integrating Search Head Clustering and Indexer Clustering
Module 14: Splunk input methods
- Exploring the Splunk input methods
- Deploying scripted, Windows, network and agentless input types and fine-tuning them all
Module 15: Splunk Index Management
- Splunk user authentication and job role assignment
- Understanding how to manage, monitor and optimize Splunk Indexes
Module 16: Machine data parsing
- Exploring the parsing of machine-generated data
- Manipulation of raw data
- Previewing and parsing
- Data field extraction
- Comparing single-line and multi-line events
Module 17: Search scaling and monitoring
- Distributed search concepts
- Improving search performance
- Large-scale deployment and overcoming execution hurdles
- Working with Splunk Distributed Management Console for monitoring the entire operation
Module 18: Splunk Cluster Implementation
- Exploring cluster indexing
- Understanding how to configure individual nodes
- Configuring the cluster behavior, index and search behavior
- Setting the node type to handle different aspects of the cluster, such as master node, peer node and search head
Section 3: Conclusion
- Summarizing all the points discussed above