Home > Vendors > splunk > splk-tsc

Share

SPLK-TSC - Transitioning to Splunk Cloud

This 9-hour virtual course is for experienced on-prem administrators and anyone needing to ramp up on Splunk Cloud to get more knowledge and experience in managing Splunk Cloud instances. The course discusses the differentiators between on-prem Splunk and the different Splunk Cloud offerings. Modules include topics on how to migrate data collection and ingest from on-prem Splunk to Splunk Cloud as well as highlighting Splunk Cloud-specific differences and best practices to manage a productive Splunk SaaS deployment. For Splunk Administrators who have undertaken the System and Data Administration learning pathways, this course highlights key differences between Splunk Enterprise deployed on-premises and Splunk Enterprise Cloud to allow them to ramp up their data and system management skills to transition to Splunk Cloud. The hands-on lab provides access to and experience in managing a Splunk Cloud instance.

Duration: 2.0 days

Enquire Now

Start learning today!

Click Hereto customize your Training

Objectives

  • Splunk Cloud overview and migration
  • Managing user authentication and authorization in Splunk
  • Managing Splunk indexes
  • Configuring Splunk forwarders for Cloud
  • Configuring inputs to Cloud, including API, Scripted, HEC and Application based inputs
  • Exploring GDI performance considerations
  • Installing and managing applications
  • Problem isolation and working with Splunk Cloud support

Content

Module 1 – Splunk Cloud Overview

  • Describe Splunk Cloud features and topology
  • Identify Splunk Cloud administrator managed tasks
  • Explain the differences between Splunk Enterprise on-premise and Splunk Cloud data ingestion strategies

Module 2 – Splunk Cloud Migration

  • Understand the Splunk Cloud migration journey
  • Determine Splunk Cloud migration readiness
  • Identify Splunk Cloud migration preparation tasks, strategies, and possible challenges

Module 3 – Managing Users

  • Identify Splunk Cloud authentication options
  • Add Splunk users using native authentication
  • Integrate Splunk with LDAP, Active Directory or SAML
  • Create a custom role
  • Manage users in Splunk
  • Use Workload Management to manage user resource usage

Module 4 – Managing Indexes

  • Understand cloud indexing strategy
  • Define and create indexes
  • Manage data retention and archiving
  • Delete and mask data from an index
  • Monitor indexing activities

Module 5 – Configuring Forwarders

  • List Splunk forwarder types
  • Understand the role of forwarders
  • Configure a forwarder to send data to Splunk Cloud
  • Test the forwarder connection
  • Describe optional forwarder settings

Module 6 –API, Scripted and HEC Inputs

  • Create REST API inputs
  • Create a basic scripted input
  • Create Splunk HTTP Event Collector (HEC) agentless inputs

Module 7 – Application Based Inputs

  • Understand how inputs are managed using apps or add-ons
  • Explore Cloud inputs using Splunk Connect for Syslog, Data Manager, Inputs Data Manager (IDM), Splunk Edge Processor, and Splunk Edge Hub

Module 8 – GDI Performance Considerations

  • Describe the default processing that occurs during parsing
  • Optimize and configure event line breaking
  • Modify how timestamps and time zones are extracted or assigned to events
  • Use Data Preview to validate event creation during the parsing phase
  • Explain how data transformations are defined and invoked

Module 9 – Installing and Managing Apps

  • Review the process for installing apps
  • Define the purpose of private apps
  • Upload private apps
  • Describe how apps are managed

Module 10 – Managing Splunk Cloud

  • Describe Splunk connected experience apps such as Splunk Secure Gateway
  • Monitor and manage resource utilization by business units and users using Splunk App for Chargeback
  • Perform self-service administrative tasks in Splunk Cloud using the Admin Config Service

Module 11 – Supporting Splunk Cloud

  • Know how to isolate problems before contacting Splunk Cloud Support
  • Use Isolation Troubleshooting
  • Define the process for engaging Splunk Support
  • Improve Mean Time to Resolution (MTTR) by using clear communication, diagnostic tools, monitoring and the CMC

Audience

  • Splunk Administrator
  • Developer
  • User
  • Knowledge Manager
  • Architect

Prerequisites

To be successful, students should have a working knowledge of the topics covered in the following courses:

  • What is Splunk?
  • Intro to Splunk
  • Using Fields
  • Introduction to Knowledge Objects
  • Creating Knowledge Objects
  • Creating Field Extractions
  • Splunk Enterprise System Administration
  • Splunk Enterprise Data Administration

Certification

product-certification

Course Benefits

product-benefits
  • Career growth
  • Broad Career opportunities
  • Worldwide recognition from leaders
  • Up-to Date technical skills
  • Popular Certification Badges

Splunk Popular Courses

splk-sefs

This "Fast Start" course covers over 60 commands and functions and prepares students to be search experts.

splk-iiss

This course prepares security practitioners to use SOAR to respond to security incidents.

splk-dyd

This course focuses on creating inputs, chain searches, event annotations, and improving dashboard performance.

splk-introdyd

This course focuses on dashboard creation, including prototyping, the dashboard definition, layouts types, adding visualizations, and dynamic coloring.
Enquire Now
yKnZwl
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy