Home > Vendors > splunk > splk-scad

Share

SPLK-SCAD - Splunk Cluster Administration

This 3-virtual day course is for an experienced Splunk Enterprise administrator who is new to Splunk Clusters. The course provides the fundamental knowledge of deploying and managing Splunk Enterprise in a clustered environment. It covers the installation, configuration, management, and monitoring of Splunk clusters. While Splunk Clusters are supported in Windows environments, the class lab environment is running Linux instances only.

Duration: 3.0 days

Enquire Now

Schedule

Virtual ILT | 22 May 2024 - 24 May 2024 India
Virtual ILT | 22 May 2024 - 24 May 2024 Sri Lanka

Start learning today!

Click Hereto customize your Training

Objectives

  • Large-scale Splunk Deployment Overview
  • Identify factors affecting large-scale Splunk deployments
  • Set up Splunk indexer clusters
  • Deploy and configure a Splunk search head cluster
  • Add new nodes into an existing cluster
  • Decommission nodes from an existing cluster
  • Deploy apps and configuration bundles in Splunk clusters
  • Manage KV store collections and lookups in Splunk clusters
  • Monitor and identify clustering issues with Monitoring Console
  • Scale Splunk indexer cluster with SmartStore

Content

Module 1 – Splunk Troubleshooting Methods and Tools

  • Deployment Design Factors
  • How Splunk Enterprise can scale
  • Splunk License Master

Module 2 – Singe-site Indexer Cluster

  • How Splunk Single-Site Indexer Clusters Work
  • Indexer Cluster Components and Terms
  • Splunk single-site Indexer Cluster Configuration
  • Splunk Indexer Cluster Log Channels

Module 3 – Multisite Indexer Cluster

  • How Splunk Multisite Indexer Clusters Work
  • Multisite Indexer Cluster Terms
  • Multisite Indexer Cluster Configuration
  • Optional Multisite Indexer Cluster Configurations

Module 4 – Indexer Cluster Management and Administration

  • Peer Offline and Decommission
  • Manager App Bundles
  • Indexer Cluster Storage Utilization Options
  • Site Mapping
  • Monitoring Console for Indexer Cluster Environment
  • Cluster Manager Redundancy

Module 5 – Forwarder Management

  • Indexer Discovery
  • Optional Indexer Discovery Configurations
  • Volume-Based Forwarder Load Balancing

Module 6 – Search Head Cluster

  • Search Head Cluster Architecture
  • Search Head Cluster Configuration
  • Captaincy Identification and Cluster Status
  • Search Head Cluster Settings

Module 7 – Search Head Cluster Management

  • Search Head Cluster Deployer
  • Captaincy Transfer
  • Search Head Member Addition and Decommissioning
  • Monitoring Console for Search Head Cluster

Module 8 – KV Store Collection and Lookup Management

  • KV Store Collection in Splunk Custers
  • KV Store Monitoring with Monitoring Console

Module 9 – Introduction to Smart Store

  • SmartStore Deployment Use Cases
  • SmartStore Architecture Overview
  • Enable SmartStore in Indexer Cluster
  • Monitor SmartStore Status

Audience

  • Splunk Administrator
  • Developer
  • User
  • Knowledge Manager
  • Architect

Prerequisites

To be successful, students should have a solid understanding of the topics covered in the following courses:

  • What is Splunk?
  • Intro to Splunk
  • Using Fields
  • Scheduling Reports and Alerts
  • Introduction to Knowledge Objects
  • Creating Knowledge Objects
  • Creating Field Extractions
  • Splunk Enterprise System Administration
  • Splunk Enterprise Data Administration
  • Troubleshooting Splunk Enterprise

Certification

product-certification

Course Benefits

product-benefits
  • Career growth
  • Broad Career opportunities
  • Worldwide recognition from leaders
  • Up-to Date technical skills
  • Popular Certification Badges

Splunk Popular Courses

splk-sefs

This "Fast Start" course covers over 60 commands and functions and prepares students to be search experts.

splk-iiss

This course prepares security practitioners to use SOAR to respond to security incidents.

splk-dyd

This course focuses on creating inputs, chain searches, event annotations, and improving dashboard performance.

splk-introdyd

This course focuses on dashboard creation, including prototyping, the dashboard definition, layouts types, adding visualizations, and dynamic coloring.
Enquire Now
OCcvIS
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy