Splunk - Beginner to Architect 2019
Getting Started
Introduction to the Course
Download Links - Tutorial Data, Samples and Logs
Introduction to Splunk & Setting Up Labs
Introduction to Splunk
Introduction to Docker Containers
Setting up Docker Environment
Installing Splunk - Docker Approach
Installation Manual - Docker and RPM
Installing Splunk - RPM Approach
Data Persistence for Container Volumes
Important Pointer for Docker in Windows
Document - Persistent Docker Volume
Splunk Licensing Model
Splunk Developer 10GB License
Importing License into Splunk
Getting Started with Splunk
Importing Data to Splunk
Sample Tutorial Logs
Security Use-Case - Finding Attack Vectors
Search Processing Language (SPL)
Splunk Search Assistant
Splunk Reports
Splunk Report - Email Clarification (Followup)
Understanding Add-Ons and Apps
Splunk Add-On for AWS
Splunk App for AWS
Overview of Dashboards and Panels
Building Dashboard Inputs - Time Range Picker
Building Dashboard Inputs - Text Box
Building Dashboard Inputs - Drop down
Building Dashboard Inputs - Dynamic DropDown
Splunk Architecture
Directory Structure of Splunk
Splunk Configuration Directories
Splunk Configuration Precedence
Splunk Configuration Precedence - Apps and Locals
Introduction to Indexes
Bucket Lifecycle
Warm to Cold Bucket Migration
Archiving Data to Frozen Path
Thawing Process
Splunk Workflow Actions
Forwarder & User Management
Overview of Universal Forwarders
Installing Universal Forwarder in Linux
Installation Manual - Splunk Universal Forwarder
Challenges in Forwarder Management
Introduction to Deployment Server
ServerClass and Deployment Apps
Creating Custom Add-Ons for deployment
Pushing Splunk Linux Add-On via Deployment Server
Post Installation Activities
Understanding Regular Expressions
Regex - Exercise
Parsing Web Server Logs & Named Group Expression
Sample - Web Server Logs
Importance of Source Types
Interactive Field Extractor (IFX)
props.conf and transforms.conf
Sample Log - MySQL Error Logs
Splunk Event Types
Tags
Splunk Events Types Priority and Coloring Scheme
Splunk Lookups
Splunk Alerts
Security Primer
Access Control
Creating Custom Roles & Capabilities
Distributed Splunk Architecture
Overview of Distributed Splunk Architecture
Understanding License Master
Implementing License Master
License Pools
Indexer
Masking Sensitive Data at Index Time
Search Head
Splunk Monitoring Console
Indexer Clustering
Overview of Indexer Clustering
Deploying Infrastructure for Indexer Cluster
Document - Deploying Indexer Cluster Docker Containers
Master Indexer
Peer Indexers
Testing Replication and Failover capabilities
Configuration Bundle
Configuration Bundle - Part 02
Forwarding Logs to Indexer Cluster
Indexer Discovery
Indexer Discovery - Document
Searching Head Clustering
Overview of Search Head Clusters
Deploying Infrastructure for Search Head Cluster
Configuring Cluster Setup on Search Heads
Search Head Clustering Setup - Document
Validating Search Head Replication
Pushing Artifacts through Deployer
Connecting Search Head Cluster to Indexer Cluster
SH to IDX Cluster Document
Advanced Splunk Concepts
Using Btool for Troubleshooting
Overview of Data Models
Creating Data Model - Practical
Splunk Support Programs
props.conf and transforms.conf