This course focuses on large enterprise deployments.

Students will learn :

- steps and best practices for planning, data collection and sizing for a distributed deployment.

- topics and techniques for troubleshooting a standard Splunk distributed deployment using the tools available on Splunk Enterprise.

- troubleshooting experience before attending more advanced courses. You will debug a distributed Splunk Enterprise environment using the live system.　 case logs.

- the fundamental knowledge of deploying and managing Splunk Enterprise in a clustered environment. It covers installation, configuration, management, and monitoring of Splunk clusters.

While Splunk Clusters are supported in Windows environments, the class lab environment is running Linux instances only.

ONLY for customers with Splunk on-prem

Architecting Splunk Enterprise Deployments :

Module 1 – Introduction

Module 2 – Project Requirements

Module 3 – Infrastructure Planning: Index Design

Module 4 – Infrastructure Planning: Resource Planning

Module 5 - Clustering Overview

Module 6 - Forwarder and Deployment Best Practices

Module 7 - Integration　

• Describe integration methods
• Identify common integration points

Module 8 – Performance Monitoring and Tuning

Module 9 – Use Cases

Troubleshooting Splunk Enterprise :

Module 1 – Splunk Troubleshooting Methods and Tools

Module 2 – Indexing Problems

Module 3 – Input Configuration Problems

Module 4 – Input Deployment Problems

Module 5 – Indexer Cluster Management Administration

Module 6 – License, Upgrade, and User Management Problems

Module 7 – Search Management Problems

Module 7　– KV Store Collection and Lookup Management

Splunk Enterprise Cluster Administration :

Module 1 – Large-scale Splunk Deployment Overview

Module 2 – Single-site Indexer Cluster

Module 3 – Multisite Indexer Cluster

Module 4 – Indexer Cluster Management and Administration

Module 5 – Forwarder Management

• Indexer discovery
• Optional Indexer Discovery Configurations
• Volume-Based Forwarder Load Balancing

　

Module 6 – Search Head Cluster

• Splunk Search Head Cluster Overview
• Search Head Cluster Configuration

Module 7 – Search Head Cluster Management and Administration

Module 8 – KV Store Collection and Lookup Management

Module 9 – SmartStore Implementation

To be successful, students should have a solid understanding of the following courses:

Splunk Power User Fast Start https://edu.arrow.com/de/training/course-detail/54675/Power-User-Fast-Start

Splunk Enterprise Administration Fast Start  https://edu.arrow.com/de/training/course-detail/54671/Enterprise-Administration-Fast-Start

Splunk Enterprise Certified Architect (Prereq for this cert is the Splunk Core Certified Power User AND Splunk Enterprise Certified Admin)