Detailed Course Outline
Module 1 – Splunk Cloud Overview
- Describe Splunk and Splunk Cloud features and topology
- Identify Splunk Cloud administrator tasks
- Describe Splunk Cloud purchasing options and differences between Classic and Victoria experience
- Secure Splunk deployments best practices
- Explain Splunk Cloud data ingestion strategies
Module 2 – Splunk Cloud Migration
- Understand the Splunk Cloud migration journey
- Determine Splunk Cloud migration readiness
- Identify Splunk Cloud migration preparation tasks, strategies, and possible challenges
Module 3 – Managing Users
- Identify Splunk Cloud authentication options
- Add Splunk users using native authentication
- Create a custom role
- Integrate Splunk with LDAP, Active Directory or SAML
- Use Workload Management to manage user resource usage
- Manage users in Splunk
Module 4 – Managing Indexes
- Understand cloud indexing strategy
- Define and create indexes
- Manage data retention and archiving
- Delete and mask data from an index
- Monitor indexing activities
Module 5 – Managing Apps
- Review the process for installing apps
- Define the purpose of private apps
- Upload private apps
- Describe how apps are managed
Module 6 – Configuring Forwarders
- List Splunk forwarder types
- Understand the role of forwarders
- Configure a forwarder to send data to Splunk Cloud
- Test the forwarder connection
- Describe optional forwarder settings
Module 7 – Common Inputs
- Describe forwarder inputs such as files and directories
- Create REST API inputs
- Create a basic scripted input
- Create Splunk HTTP Event Collector (HEC) agentless inputs
Module 8 – Additional Inputs
- Understand how inputs are managed using apps or add-ons
- Explore Cloud inputs using Splunk Connect for Syslog, Data Manager, Inputs Data Manager (IDM), Splunk Edge Processor, and Splunk Edge Hub
Module 9 – Using Ingest Actions
- Explore Splunk transformation methods
- Create and manage rulesets with Ingest Actions
- Mask, filter and route data with Ingest Action rules
Module 10 – Managing Splunk Cloud
- Secure ingest with Splunk Cloud Private Connectivity with AWS
- Describe Federated Search functionality
- Describe Splunk connected experience apps such as Splunk Secure Gateway
- Monitor and manage resource utilization by business units and users using Splunk App for Chargeback
- Perform self-service administrative tasks in Splunk Cloud using the Admin Config Service
Module 11 – Supporting Splunk Cloud
- Know how to isolate problems before contacting Splunk Cloud Support
- Use Isolation Troubleshooting
- Define the process for engaging Splunk Support
Appendix
- Explore Splunk security fundamentals