SPLK-SESA8.2 - Splunk Enterprise 9.0 System Administration

This 12-hour course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides the fundamental knowledge of Splunk license managers, indexers, and search heads. It covers the configuration, management, and monitoring of core Splunk Enterprise components.

Duration: 2.0 days

Enquire Now


Virtual ILT | 02 Mar 2023 - 03 Mar 2023 India
Virtual ILT | 02 Mar 2023 - 03 Mar 2023 Sri Lanka

Start learning today!

Click Hereto customize your Training


  • Splunk Deployment Overview
  • License Management
  • Splunk Apps
  • Splunk Configuration Files
  • Users, Roles, and Authentication
  • Getting Data In
  • Distributed Search


Module 1 - Deploying Splunk

  • Provide an overview of Splunk
  • Identify Splunk Enterprise components
  • Identify the types of Splunk deployments
  • List the steps to install Splunk
  • Use Splunk CLI commands

Module 2 - Monitoring Splunk

  • Use Splunk Health Report
  • Enable the Monitoring Console (MC)
  • Use Splunk Assist
  • Use Splunk Diag

Module 3 - Licensing Splunk

  • Identify Splunk license types.
  • Describe license violations.
  • Add and remove licenses.

Module 4 - Using Configuration Files

  • Describe Splunk configuration directory structure.
  • Understand configuration layering process.
  • Use btool to examine configuration settings.

Module 5 - Using Apps

  • Describe Splunk apps and add-ons.
  • Install an app on a Splunk instance.
  • Manage app accessibility and permissions.

Module 6 - Creating Indexes

  • Learn how Splunk indexes functions.
  • Identify the types of index buckets
  • Add and work with indexes.
  • Overview of metrics index

Module 7 - Managing Index

  • Review Splunk Index Management basics
  • Identify data retention recommendations.
  • Identify backup recommendations.
  • Move and delete index data.
  • Describe the use of the Fish bucket.
  • Restore a frozen bucket.

Module 8 - Managing Users

  • Add Splunk users using native authentication.
  • Describe user roles in Splunk.
  • Create a custom role.
  • Manage users in Splunk.

Module 9 - Configuring Basic Forwarding

  • Identify forwarder configuration steps.
  • Configure a Universal Forwarder
  • Understand the Deployment Server

Module 10 - Configuring Distributed Search

  • Describe how distributed search works.
  • Describe the roles of the search head and search peers.




To be successful, students should have a solid understanding of either the following courses:

  • What Is Splunk?
  • Intro to Splunk
  • Using Fields
  • Introduction to Knowledge Objects

OR the following courses:

  • Fundamentals 1
  • Fundamentals 2



Course Benefits

  • Career growth
  • Broad Career opportunities
  • Worldwide recognition from leaders
  • Up-to Date technical skills
  • Popular Certification Badges

Splunk Popular Courses


This course focuses on creating inputs, chain searches, event annotations, and improving dashboard performance.


This course focuses on dashboard creation, including prototyping, the dashboard definition, layouts types, adding visualizations, and dynamic coloring.


This course will focus on lookup commands and explore how to use subsearches to correlate and filter data from multiple sources


This course will focus on searching and formatting time in addition to using time commands and working with time zones.
Enquire Now
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy