Courses for Splunk Administrators: Enterprise Data Administration
This Courses for Splunk Administrators: Enterprise Data Administration training course is made for a system admin who is responsible for getting information into Splunk Indexers. The Splunk Admin training course giving the awareness of Splunk forwarders and ways
It tells about the installation, configuration, management, monitoring, and the troubleshooting of the Splunk forwarders and Splunk Deployment Server components.
The lessons include changing the commands and visualizations, filtering and configuring the results, correlating events, making objects, and the calculated fields, and event types using macros, making workflow actions and information models, and normalizing the information with the Common Interface Model (CIM).
-
Module 1 -Introduction to Data Administration
-
Module 2 - Getting Data In - Staging
-
Module 3 - Configuring Forwarders
-
Module 4 - Forwarder Management
-
Module 5 - Monitor Inputs
-
Module 6 - Network and Scripted Inputs
-
Module 7 - Agentless Inputs
-
Module 8 - Fine Tuning Inputs
-
Module 9 - Parsing Phase and Data
-
Module 10 - Manipulating Raw Data
- Lesson 1: Explain how data transformations are defined and invoked
- Lesson 2: Use transformations with props.conf and transforms.conf to:
- Lesson 3: Mask or delete raw data as it is being indexed
- Lesson 4: Override sourcetype or host based upon event values
- Lesson 5: Route events to specific indexes based on event content
- Lesson 6: Prevent unwanted events from being indexed
- Lesson 7: Use SEDCMD to modify raw data
-
Module 11 - Supporting Knowledge Objects
-
Module 12 - Creating a Diag
0.00 average based on 0 ratings
