Detail kurzu

Troubleshooting Splunk Enterprise

EDU Trainings s.r.o.

Popis kurzu

This 9-hour virtual course is designed for Splunk administrators. It covers topics and techniques for troubleshooting a standard Splunk distributed deployment using the tools available on Splunk Enterprise.
This lab-oriented class is designed to help you gain troubleshooting experience before attending more advanced courses. You will debug a distributed Splunk Enterprise environment using the live system and case logs.

Obsah kurzu

Module 1 – Splunk Troubleshooting Methods and Tools

Describe the Splunk Troubleshooting Approach
List Splunk Diagnostic Resources and Tools
Create and Splunk a Diag
Use RapidDiag

Module 2 – Indexing Problems

Discover Splunk deployment Topology and its Server Roles
Identify Where to Check the Index-Time Pipeline Status
Use the metrics.log to Clarify the Index-Time Problem

Module 3 – Input Configuration Problems

Data Input issues
Troubleshooting Inputs with the Monitoring Console

Module 4 – Input Deployment Problems

Deployment server issues
Forwarding and Receiving Issues

Module 5 – Indexer Cluster Management Administration

Peer Offline and Decommission
Master App Bundles
Indexer Cluster Storage Utilization Options
Site Mapping
Monitoring Console for Indexer Cluster Environment

Module 6 – License, Upgrade, and User Management Problems

Installation Issues
Upgrade Considerations
Splunk Licensing Issues
Splunk Roles and User Management issues

Module 7 – Search Management Problems

Troubleshoot Distributed Search Issues
Identify Job Scheduling Problems
Learn to Diagnose Crashing Problems
Describe How to Prioritize Resources for Critical Splunk Processes

Module 8 – KV Store Collection and Lookup Management

Identify the Types of Search Problems
Isolate and Troubleshoot Search Problems
Certifikát Na dotaz.
Hodnocení




Organizátor



Další termíny kurzu
Termín Cena Místo konání Zarezervovat