Introduction
- Introduction
Introduction to Splunk Enterprise
- Introduction to Module 01
- What is Splunk?
- Products of Splunk: Splunk Light
- Products of Splunk: Splunk Cloud
- Products of Splunk: Splunk Enterprise
- Products of Splunk: Hunk & Premium Apps
- Components of Splunk: Search Head
- Components of Splunk: Indexer
- Components of Splunk: Universal Forwarder
- Components of Splunk: Heavy Forwarder
- Components of Splunk: Deployment Server
- Components of Splunk: Cluster Master
- Splunk Package Downloads: Part 1
- Splunk Package Downloads: Part 2
- Splunk Package Downloads: Part 3
- Splunk Add on and Application downloads
- Splunk GUI Overview : Part 1
- Splunk GUI Overview : Part 2
- Splunk GUI Overview : Part 3
- Splunk GUI Overview : Part 4
- Splunk GUI Overview : Part 5
- Splunk GUI Overview : Part 6
- Splunk Searching Basics : Part 1
- Splunk Searching Basics : Part 2
- Splunk Licensing
- Getting Help on Splunk Issues : Part 1
- Getting Help on Splunk Issues : Part 2
- Get 10 GB Free license of Splunk
Designing Splunk Architecture
- Splunk Visio Stencils usage
- Estimation of License required
- Evaluation : Search Head and Indexers
- Evaluation : Heavy Forwarder, License Manager and Deployment Server
- Estimation of Storage for Indexers
- Small Enterprise Architecture review
- Medium Enterprise Architecture review
- Large Enterprise Architecture review : Part 1
- Large Enterprise Architecture review : Part 2
- Understanding clustering and High Availability in Splunk
- Hardware Requirements for Splunk Architecture
- Capacity Planning for your Architecture
Installation and Configuration of Splunk Components
- Prerequisites for Splunk Installation : Part 1
- Prerequisites for Splunk Installation : Part 2
- Directory Structure of Splunk
- Configuration Hierarchy in Splunk
- Configuration Hierarchy in Splunk : Practical Example
- Testing Configuration Precedence
- Concluding Configuration Precedence
- Installation of Splunk Enterprise
- Installation of Splunk Universal Forwarder
- Installation of Splunk Search Head
- Installation of Splunk Indexers
- Installation of Splunk Heavy Forwarders and Deployment Servers
- Enable SSL on Splunk Enterprise Instance
- Enabling SSL from CLI
- Index, Indexes and Indexers
- Configuring Indexer: Enable Reciever
- Enabling Reciever from CLI and Configuration File Edit
- Default Index
- Index Creation From Splunk Web and Splunk CLI
- Index creation from Splunk Edit configuration file
- Configure Search head From Splunk Web
- Configure Search head From Splunk CLI
- Configure Search head From editing Configuration Files
- Configure Heavy Forwarder using Splunk Web and CLI
- Configure Heavy Forwarder using Splunk Configuration File Edit
- Configure Deployment Server From Splunk Web
- Configure Deployment Server From Splunk Configuration Edit
- Adding Clients to Deployment Server
- Deployment Client Config CLI and on Configuration Edit on Universal Forwarder
- Splunk License Manager Configuration
- Splunk Licensing Pool and Client Configuration
Splunk Post Installation Activities : Knowledge Objects
- Uploading Data to Splunk
- Adding Data to Splunk via configuration file edit
- Adding Data to Splunk via Splunk CLI
- Validation of On Boarded Data
- Source Sourcetype and Host Configuration
- Source Parameter Explaination
- Field Extraction Using IFX
- Field Extraction Using REX
- Adding Field Extraction to Search
- REGEX searching in Splunk
- Props Extract Command
- Props Report and Transforms
- Props.conf Location
- Eventtypes Creation and permission
- Eventtypes Use Case
- Tags Creation
- Manual Creation of Tags
- Lookups Creation in Splunk
- Searching Using Lookups in Splunk
- Lookups Use Case Example
- Creating Macros in Splunk
- Searching in Splunk
- Search Modes in Splunk
