Course Catalog  > Data Science and Big Data  > Data Engineering
WA2952

Operational Data Analytics with Splunk Training

This training course introduces the students to the Splunk Operational Data Analytics platform.  About 70 percent of the course time is dedicated to hands-on exercises and projects that help the students gain practical experience of using Splunk in a variety of scenarios, including data onboarding and forwarding, real-time TCP port and directory monitoring, data querying and visualizations.

Request Information
Request On-Site or Customized Course Info
Course Details

Duration

2 days

Prerequisites

  • General knowledge of programming using SQL
  • Experience working in UNIX environments (e.g. running shell commands, etc.)

Target Audience

  • Data Engineers
  • Business Analysts
  • IT Architects
  • Technical Managers
Course Outline

Chapter 1. Splunk Introduction

  • Splunk Defined
  • Splunk Products
  • The Magic Quadrant for Security Information and Event Management (SIEM)
  • Splunk Editions
  • Deployment Options
  • Common Components
  • Splunk Admin Dashboard (Web UI)
  • Events
  • Data Indexing
  • Distributed Splunk Indexing and Searching
  • Architecture for a Multi-Tier Splunk Enterprise Deployment
  • Summary

Chapter 2. Splunk Data Sources

  • Data Source Types
  • The Source Types Automatically Recognized by Splunk
  • The "Pre-trained" Source Types
  • Windows ® Data Sources
  • Data Indexing
  • Web UI for Adding Data to Indexer
  • Web UI: Adding Data Flow for Local File Upload
  • Web UI: Add Data for Monitoring
  • Automatic Recognition of Data Source
  • Where is My Uploaded File?
  • Custom Event Format
  • Summary

Chapter 3. Searching and Reporting with Splunk

  • Data Searching
  • Search Processing Language (SPL)
  • Searching and Reporting Activities
  • The Search Page
  • Core Search Concepts
  • Search Command Auto-Completion
  • The Search Basics
  • Search Command Categories
  • Command Examples
  • More Examples of Search Commands
  • Statistical Commands
  • Statistical and Time Functions
  • From SQL to SPL - the Translation Table
  • Visual Aids for Building Search Queries
  • Visualizations
  • Save Your Searches as Dashboards
  • The Delete Operation
  • How Do I Delete My Data?
  • Summary

Chapter 4. Splunk Forwarders

  • Flavors of Splunk Forwarders
  • Forwarder Comparison Table (Abridged)
  • The Splunk Forwarder Diagram
  • Splunk Universal Forwarder (UF) Supported OSes
  • UF Functions
  • What UF Cannot Do
  • Summary

Lab Exercises

Lab 1. Learning the Lab Environment
Lab 2. Local File Upload
Lab 3. Local File Upload Project
Lab 4. TCP Port Real-time Monitoring
Lab 5. Using Search and Reporting App
Lab 6. Querying for Insights
Lab 7. Understanding Universal Forwarders (For Review Only)
Lab 8. Using Universal Forwarders Project (For Review Only)
Lab 9. Data Visualization
Lab 10. Dealing with Missing Timestamps
Lab 11. The Delete Operation
Lab 12. vi Bare Essentials (Optional)

Upcoming Course Dates
USD $1,360
Online Virtual Class
Scheduled
Date: Jun 24 - 25, 2024
Time: 10 AM - 6 PM ET
USD $1,360
Online Virtual Class
Scheduled
Date: Aug 12 - 13, 2024
Time: 10 AM - 6 PM ET
USD $1,360
Online Virtual Class
Scheduled
Date: Sep 16 - 17, 2024
Time: 10 AM - 6 PM ET