Hadoop Splunk Advanced 02 - Administration

Splunk Advanced 02 - Administration

Catalog: Hadoop
Short name: SAA - 2023
Course start date: 2024-07-02

Description

Through these tutorials you will learn about the Splunk Enterprise environment and resource management in depth.

Course Duration: 37h 54m

Sections

General
0 activities

Introduction to Splunk Component
Search Head and Forwarder Components in Splunk
Deployment Server and License Master
Hardware Requirement for Splunk
Hardware Requirement for Splunk Continues
Splunk Directory Structure
More on Splunk Directory Structure
Splunk Configuration File
Props Configuration and Transforms Configuration
Splunk Access Controls Overview
Example of Splunk Access Control
Splunk Distributed Environment
Search Peer Example in Splunk
Single Instance Deployment in Splunk
Multi Instance Deployment in Splunk
OS Permissions in Splunk
Splunkd Process and Splunk Port
Splunk Pipeline and Its Segments
Splunk Licensing
More on Splunk Licensing
License and Warning in Splunk
License and Warning in Splunk Continues
Splunk Indexes
Default Indexes in Splunk
Default Indexes in Splunk Continues
Web Data Index In Splunk
Security index in Splunk
Security index in Splunk Continues
Splunk Index Buckets
Hot Splunk Index Buckets
Warm Splunk Index Buckets
Splunk Configuration Files
Splunk Configuration Files Example
Splunk Configuration Directories
Flowchart of Configuration Directories
Flowchart of Configuration Directories Continues
Splunk Index time
Splunk Search time
No Conflicts Splunk Config File Merge
No Conflicts Splunk Config File Merge Flowchart
Splunk Config File Merge Conflicts
Splunk Config File Merge Conflicts Continues
Example of Merge Conflicts
Splunk Btool Command
Splunk Btool Command Example
Configuration Changes in Btool Command
Splunk Index Management
Types of Index Management in Splunk
Types of Index Management in Splunk Continues
Creation of Splunk Indexes
More on Splunk Indexes
Splunk Index Size Estimates
Splunk Index Size Estimates Continues
Splunk Index Integrity Check
How to Configure a Splunk File
More on Splunk Configure File
Additional Settings in Splunk Configure File
Additional Settings in Splunk Configure File Continues
Example in Splunk Configure File
Splunk Retention Policy
Types of Splunk Retention Policy
Strict Volume Base Retention Policy
Example of Strict Volume Base Retention
Monitoring Indexing Activities in Splunk
Splunk Data Pipeline in Indexing Activities
Types of Charts in Indexes
Volume Instance in Monitoring Indexing Activities
More on Volume Instance
Working with Backups in Splunk
Examples of Backup In Splunk
Removing indexed data in Splunk
How To Remove Indexed Data
How To Remove Indexed Data Continues
Restoring Frozen Bucket
Index Replication
Splunk Access Controls
Splunk Access Controls Continues
Splunk Default Roles
Creation of Splunk Roles
Example of Splunk Roles
Splunk Access Controls of Default Indexes
Splunk Access Controls on Indexes
Splunk Access Controls on Indexes Continues
Splunk Role Inheritance
Methods of Role Inheritance
Splunk Role Capabilities
More on Roles Capabilities
Splunk Users Role
Splunk Native Authentication Access Control
Splunk Admin Access Control
Working with LDAP Authentication Option
Flowchart of LDAP Authentication
Flowchart of LDAP Authentication Continues
How to Configure a LDAP Server
Example of LDAP Server
Working sample in using LDAP SERVER
How to Configure a SAMPLE Server
How to Configure a SAMPLE Server continues
Single Sign out with Reverse Proxy
Splunk Scripted Authentication
Splunk Universal Forwarders
Installation of Universal Forwarder
Downloading Universal Forwarder
Validating Forwarder Installation
Checking Management Port
Splunk Status Command
Configuration of Splunk Universal
Configuring Listening Port
Indexer File
Testing the Connection
Troubleshoot the Connection
Securing The Data Feed
Automatic Load Balancing
Automatic Load Balancing Continues
Queue Size and Indexer Acknowledgement
Navigation in Indexer File
Indexer Acknowledgement
Recap on Advanced Forwarder
Configuration of Forwarder Inputs
Forwarding Monitoring and Management
Forwarder Asset Table
Splunk Forwarder Management
Compressing Data Feed
Connection through Data Manager
Components of Deployment Server
Creating Folder in Linux
Overview on Deployment Server
Forwarder Management
Creating Deployment App
Configuring Deployment App
Overview on the Process
Defining User Class
Configuring as Deployment Client
Splunk Deployment Server
Getting Data Into Splunk
Parsing Phase
Indexing Phase
Different Configuration Setting
Metadata Fields Source
Difference Between Parsing and Indexing
Functions of Parsing and Indexing
Splunk Index Time Process
Understanding the Monitor
Selecting the Checkpoints
Setting Source Type
Describing Host Field
Forward Option
Monitoring Console
Monitor Inputs
Multi Line Log Files
Input Settings
Monitoring Inputs
Settings with Host Field
Monitoring Directory
Files and Directories
Monitor Line for Source File
Segments of Wildcards
Dot Log Files
Advanced Options for Input File
Blacklist Precedence
Input Configuration
Overriding the Host Field
Inputting New Data
Configuring the Data Forwarding
Data Feed Advantages and Disadvantages
Forwarder and Receiving Indexer
Difference in queue
Persistent Queue
Scripted Inputs
Creating a Script
Processing on Scripting Inputs
Scheduling per Requirement
Data Inputs
Configuring Scripted Inputs
Script in Directories
Windows Inputs and Agentless Inputs
Windows Specific Inputs
Types of Windows Specific Inputs
Settings for App Context
Local Performance Monitor
Settings in Input Files
Event Log Monitoring
Powershell Inputs
Splunk Agentless Inputs
HTTP event collector
Specifying Metadata
Fine Tuning Inputs
Props Dot Conf
Data Modifications in Props
Creating Monitor Input
Parsing Phase and Data Preview
Event Boundaries
Single Line Source Type
Setting time zone
Multi Line Events
Date and Time Stamp
Date and Time Stamp Continues
Data Preview Screen
Time Stamp Field
Method of Classification
Manipulating Raw Data
Using the Regex
Event Based Transformation
Log File for Regex
Understanding Regex
Indexing the Log File
Setting up Host name
KV Based lookups
Types of Lookups
Mitigating Possible Data Access Risks
The Available Capabilities in Splunk
Restricting Unauthorized Users in Splunk
Learning about the Distributed Search
Understanding the Distributed Architecture
Standalone and Distributed Architecture
Setting up Distributed Search
Differences in Clustered and Non Clustered Index
Distributed Search Authentication
Best Practices using Distributed Search
Understanding the Dedicated Search Heads
Determining the Search Head Cluster
Performance Tuning in Splunk
Splunk Data Pipelines
Setting the Index Parallelization
Index Storage Optimization
Index Storage Optimization Continues
Concept of Search Performance
Reports Designed in Splunk
Schedule Window in Search Performance
Managing the Search Jobs
Runtime to Search the Query
Evaluating on the Saved Option
Using the Search Parallelization
Learning the Real Time Search
Learning the Real Time Search Continues
Log Levels in Splunk
Types of Splunk Log Levels
Modifying the Splunk Level
Functions of Indexing Processes
Running the Splunk Diag Command
More on Splunk Diag
Large Scale Splunk Deployment
Large Scale Splunk Deployment Continues
Course Certificate

File
243
Certificate
1
Cost: 5000
