SPLK-SCI - Services: Core Implementation

This expert-level course is an immersive five-day assessment-based bootcamp used to give attendees the opportunity to cement their knowledge in working with the Splunk core platform effectively and at-scale using Professional Services (PS) best-practice techniques. This course represents a significant step-up in difficulty versus earlier courses in a Splunk consultant’s learning path. Passing the course is only possible if the required preparation and practice is put into place before attending.

Duration: 5.0 days

Enquire Now

Start learning today!

Click Hereto customize your Training

Objectives

  • Splunk architecture
  • Monitoring Console
  • Configuration Management
  • Authentication, Authorization & LDAP integration
  • Collecting and forwarding data
  • Indexing and Searching
  • Clustering indexers
  • Clustering Search Heads

Content

Module 1 – Deploying Splunk

  • Introduce the Splunk Validated Architectures

Module 2 — Monitoring Console

  • Discuss the best instance to configure as the Monitoring Console
  • Configure the MC for a single or distributed environment
  • Exame how the MC uses the server roles and groups assigned to instances
  • Discuss health checks and how they are run

Module 4 — Access and Roles

  • Discuss how to manage Deployment Server at scale
  • Identify authentication methods
  • Describe LDAP concepts and configuration
  • Discuss SAML and SSO options
  • Define roles and how they are used to protect data

Module 5 — Data Collection

  • Examine Splunk to Splunk (S2S) communication and the different ways data is sent from forwarder to indexer
  • Describe the types and configuration of data inputs
  • Discuss ways to troubleshoot data inputs

Module 6 — Indexing

  • Review indexing artifacts and locations
  • Discuss event processing and data pipelines
  • Understand the underlying text parsing and indexing process
  • Examine data retention controls

Module 7 — Search

  • Examine the inner-workings of a search
  • Discuss how to use search job inspection
  • Look at the different search types and how to maximize search efficiency
  • Review subsearches and how they work
  • Examine some sample searches and how to make them more efficient

Module 8 — Index Clustering

  • Provide an architecture overview
  • Describe deployment and component configuration
  • Review upgrade strategy
  • Discuss Data buckets and lifecycle
  • Examine failure modes and recovery processes
  • Introduce multi-site clustering
  • Explain migration procedures

Audience

N/A

Prerequisites

To qualify for registration, candidates must hold all of the following certifications:

  • Splunk Core Certified Power User
  • Splunk Core Certified Advanced Power User*
  • Splunk Enterprise Certified Admin
  • Splunk Enterprise Certified Architect

Certification

product-certification

Course Benefits

product-benefits
  • Career growth
  • Broad Career opportunities
  • Worldwide recognition from leaders
  • Up-to Date technical skills
  • Popular Certification Badges

Splunk Popular Courses

splk-sefs

This "Fast Start" course covers over 60 commands and functions and prepares students to be search experts.

splk-iiss

This course prepares security practitioners to use SOAR to respond to security incidents.

splk-dyd

This course focuses on creating inputs, chain searches, event annotations, and improving dashboard performance.

splk-introdyd

This course focuses on dashboard creation, including prototyping, the dashboard definition, layouts types, adding visualizations, and dynamic coloring.
Enquire Now
 
 
 
 
DjlfDm
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy