Arrow Electronics, Inc.

Troubleshooting Splunk Enterprise 9.0


LENGTH: 16 Hours (2 days)

PRICE: kr 7.070,00


This course is designed for Splunk administrators. It covers topics and techniques for troubleshooting a standard Splunk distributed deployment using the tools available with Splunk Enterprise.

This lab-oriented class is designed to help you gain troubleshooting experience before attending more advanced courses. You will debug a distributed Splunk Enterprise environment using the live system.

This course does not cover the issues surrounding Splunk Cloud, Splunk Clusters, or Splunk premium apps.

Online training is typically structured in 3-, 4-, or 4.5-hour half-day sessions or 6-hour full-day sessions with an hour-long break for lunch.


  • Splunk Troubleshooting Methods and Tools
  • Indexing Problems
  • Input Configuration Problems
  • Deployment Problems
  • License, Upgrade, and User Management Problems
  • Search Management Problems
  • User Search Problems


To be successful, students should have a solid understanding of the following courses:

  • Splunk Fundamentals 1
  • Splunk Fundamentals 2

OR the following single-subject courses:

  • What Is Splunk?
  • Intro to Splunk
  • Using Fields
  • Scheduling Reports and Alerts
  • Introduction to Knowledge Objects
  • Creating Knowledge Objects
  • Creating Field Extractions
Students should also have completed the following courses:

  • Splunk Enterprise System Administration
  • Splunk Enterprise Data Administration

Programme

  • Understand the Splunk Support Model and its resources
  • Identify the best practices for troubleshooting Splunk Enterprise
  • List ways to gather useful Splunk diagnostic information
  • Use Splunk diagnostic tools
  • Identify common Splunk technical issues and solve them

Module 1 – Splunk Troubleshooting Methods and Tools

  • Describe the Splunk Troubleshooting Approach
  • List Splunk Diagnostic Resources and Tools
  • Create and Splunk a Diag
  • Identify RapidDiag

Module 2 – Indexing Problems

  • Discover Splunk Deployment Topology and its Server Roles
  • Identify Where to Check the Index-Time Pipeline Status
  • Use the metrics.log to Clarify the Index-Time Problem

Module 3 – Input Configuration Problems

  • Data input issues
  • Troubleshooting inputs with Monitoring Console

Module 4 – Deployment and Forwarder Problems

  • Deployment Server Issues
  • Forwarding and Receiving Issues

Module 5 – License, Upgrade, and User Management Problems

  • Installation issues
  • Upgrade considerations
  • Splunk licensing Issues
  • Splunk roles and user management issues

Module 6 – Search Head Management Problems

  • Troubleshoot Distributed Search Issues
  • Identify Job Scheduling Problems
  • Learn to Diagnose Crashing Problems
  • Describe How to Prioritize Resources for Critical Splunk Processes

Module 7 – User Search Problems

  • Identify the types of search problems
  • Isolate and troubleshoot search problems

Session Dates