This 24-hour practical lab exercise is designed to take you through the tasks of a complete mock deployment. Each participant is given access to a specified number of Linux servers and a set of requirements. Participants then perform a mock deployment according to requirements which adhere to Splunk Deployment Methodology and best-practices.

Installation and Infrastructure

• Install forwarders, indexers, search head, deployment server and license master

Configuration and Collection

Searching and Reporting

To be successful, students should have a solid understanding of the following courses:

• Splunk Fundamentals 1
• Splunk Fundamentals 2

OR the following single-subject courses:

Students should also have completed the following courses: