This five-day in-person training includes key courses for Splunk Customers, and prepares them for the Splunk Certified Power User and Splunk Certified Admin exams. This track includes Splunk Fundamentals 2, Splunk Enterprise System Administration, and Splunk Enterprise Data Administration.

The Splunk Fundamentals 2 course picks up where Splunk 6.6 Fundamentals ends, focusing more on advanced search and reporting commands and creating knowledge objects. Scenario-based examples and handy tasks will gradually help you create complex searches, reports, and charts.

Key topics include the use of transform commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and computed fields, creating tags and event types, using macros, the creation of workflow actions and data models and the normalization of data with the Common Interface Model (CIM). The post-graduate Splunk Enterprise System Administration course is designed for system administrators who are responsible for managing a Splunk Enterprise environment.

This course provides basic knowledge about the Splunk License Manager, Indexers, and Search Heads. It covers the configuration, management and monitoring of the components of Splunk Enterprise. The third part of this fast-track course was designed for system administrators who are responsible for entering data into Splunk's indexers. The course provides basic knowledge about forwarders in Splunk and methods to get remote data into Splunk's indexers. It covers the installation, configuration, management, monitoring, and troubleshooting of Splunk forwarders and Splunk Deployment Server components.

This course is for System Administrators.

Students should have completed the Splunk Fundamentals Part 1 course online.

• Transforming commands and visualization
• Filter and format results
• Correlating events
• Knowledge objects
• Fields (Field Aliases, Field Extractions, Calculated Fields)
• Tags and event types
• Macros
• Workflow Actions Data models
• Splunk Common Information Model (CIM)
• Splunk deployment overview
• License management
• Splunk apps
• Splunk configuration files
• Users, roles and authentication
• Data entry
• Distributed search
• Introduction to Splunk Clusters
• Forwarder with forwarder management
• Splunk configuration files
• Configure general data entries in Splunk
• Customization of the input parsing process