Course Highlights
Hands on Training
Certified & Experienced Trainers
Request for Flexible Timings
Certificate of Completion

Course Description
Splunk is a software platform mainly used to search, analyze, and visualize the machine-generated data gathered from the websites, applications, sensors, devices, etc. that make up your IT infrastructure and business.
In this training course, you will understand the concept of Splunk, the benefits of using Splunk, Splunk vs ELK vs Sumo Logic, and the Splunk architecture (Splunk Forwarder, Indexer and Search Head) with the help of a Dominos use case.
About
Target Audience
Security and Data Analytics Background
Course Pre-Requisite
Basics of Linux and Windows
You'll need a Windows/Linux system or laptop/desktop, and we'll walk you through downloading and installing a Splunk development environment.
For the lab you need free AWS Ubuntu VMs, or you can use your own VMs.
Hardware requirements for the training:
• 3 Virtual Machines with Windows 10 or above O.S., with at least an i3 processor, 30 GB hard disk, 8 GB RAM
• 1 Virtual Machine with Ubuntu 18.04 O.S., with at least an i3 processor, 20 GB hard disk, 4 GB RAM
Course Outline
Module 1 - Introducing Splunk
• Understand the uses of Splunk
• Define Splunk Apps
• Learn basic navigation in Splunk
Module 2 - Various Certifications of Splunk and their Cost
• Eligibility criteria for Splunk Certification
• Cost of Splunk Certification
Module 3 - Setting up Splunk
• Configuring Splunk
• Installation of Splunk
Module 4 - Licensing in Splunk
• Splunk License Types
• License Master
• License Slave
• License Master/Slave relationship or License Pool
Module 5 - Installation of Kali Linux on VMware
• What is Kali Linux?
• Step-by-step installation of Kali Linux in VMware
Module 6 - Searching
• Run basic searches
• Use autocomplete to help build a search
• Set the time range of a search
• Identify the contents of search results
• Refine searches
• Use the timeline
• Work with events
• Control a search job
• Save search results
Module 7 - Using Fields in Searching
• Understand fields
• Use fields in searches
• Use the fields sidebar
• Use search modes (fast, verbose, and smart)
Module 8 - Create Reports
• Save a search as a report
• Edit reports
• Create reports that display statistics (tables)
• Create reports that display visualizations (charts)
Module 9 - Create Dashboards
• Create a dashboard
• Add a report to a dashboard
• Add a panel to a dashboard
• Edit a dashboard
• Create an interactive dashboard
• Create a cascade dashboard
Module 10 - Splunk's Search Language Fundamentals
• Understand the search pipeline
• Understand search syntax concepts
• Use the following commands to perform searches: table, rename, fields, dedup, sort
Module 11 - Using basic Transforming Commands
• The top command
• The rare command
• The stats command
Module 12 - Creating and Using Lookups
• Describe lookups
• Examine a lookup file example
• Create a lookup file and create a lookup definition
• Use the lookup in searches
Module 13 - Creating Alerts and Scheduled Reports
• Describe scheduled reports
• Configure scheduled reports
• Describe alerts
• Create alerts
• View fired alerts
Module 14 - Creating and Using Macros
• Describe macros
• Create and use a basic macro
Module 15 - Creating Data Models
• Describe the relationship between data models and pivot
• Identify data model attributes
• Create a data model
• Use a data model in pivot
Module 16 - Beyond Search Fundamentals
• Search fundamentals review
• Case sensitivity
• Using the job inspector to view search performance
Module 17 - Using Transforming Commands for Visualizations
• Explore data structure requirements
• Explore visualization types
• Create and format charts and timecharts
Module 18 - Filtering and Formatting Results
• The eval command
• Using the search and where commands to filter results
• The fillnull command
• Report on transactions
• Determine when to use transactions vs. stats
Module 19 - Introduction to Knowledge Objects
• Identify naming conventions
• Review permissions
• Manage knowledge objects
Module 20 - Creating and Managing Fields
• Perform regex field extractions using the Field Extractor (FX)
• Perform delimiter field extractions using the FX
Module 21 - Creating Field Aliases and Calculated Fields
• Describe, create, and use field aliases
• Describe, create and use calculated fields
Module 22 - Creating Tags and Event Types
• Create and use tags
• Describe event types and their uses
• Create an event type
Module 23 - Creating and Using Macros
• Describe macros
• Create and use a basic macro
• Define arguments and variables for a macro
• Add and use arguments with a macro
Module 24 - Creating and Using Workflow Actions
• Describe the function of GET and Search workflow actions
• Create a GET workflow action
• Create a Search workflow action
Module 25 - Clustering
• Need for Clustering
• Indexer Clustering
• Search Head Clustering
Module 26 - Splunk Distributed Deployment
• Create Non-Clustered Distributed Deployment
• Create Clustered Distributed Deployment
• Difference between Non-Clustered and Clustered Distributed Deployment
• Indexer Clustering
• Search Head Clustering
Module 27 - Data Addition to Splunk by Universal Forwarder
• Use of Universal Forwarder
• Install and configure Universal Forwarder on an Ubuntu Linux system
• Add data to Splunk by Universal Forwarder
• See the effect on Clustered Distributed Deployment
• See the effect on Non-Clustered Distributed Deployment
Module 28 - Data Addition to Splunk by HTTP Event Collector
• Use of HTTP Event Collector
• Install and configure HTTP Event Collector on an Ubuntu Linux system
• Add data to Splunk by HTTP Event Collector