Troubleshooting Splunk Enterprise (TSE)


Опис курсу

This course is designed for Splunk administrators. It covers topics and techniques for troubleshooting a standard Splunk distributed deployment using the tools available with Splunk Enterprise.
This lab-oriented class is designed to help you gain troubleshooting experience before attending more advanced courses. You will debug a distributed Splunk Enterprise environment using the live system.
This course does not cover the issues surrounding Splunk Cloud, Splunk Clusters, or Splunk premium apps.


Splunk administrators.

Попередні вимоги

To be successful, students should have a solid understanding of the following modules:

  • Splunk Fundamentals 1 (Retired)
  • Splunk Fundamentals 2 (Retired)

Or the following single-subject modules:

  • What is Splunk? (Retired)
  • Intro to Splunk (ITS)
  • Using Fields (SUF)
  • Scheduling Reports & Alerts (SRA)
  • Visualizations (SVZ)
  • Leveraging Lookups and Subsearches (LLS)
  • Search Under the Hood (SUH)
  • Intro to Knowledge Objects (IKO)
  • Creating Knowledge Objects (CKO)
  • Creating Field Extractions (CFE)
  • Enriching Data with Lookups (EDL)
  • Data Models (SDM)

Student should also have completed the following modules:

  • !Custom Splunk Enterprise System Administration (SESA) (CSESA)
  • !Custom Splunk Enterprise Data Administration (SEDA) (CSEDA)

Цілі курсу

  • Splunk Troubleshooting Methods and Tools
  • Indexing Problems
  • Input Configuration Problems
  • Deployment Problems
  • License, Upgrade, and User Management Problems
  • Search Management Problems
  • User Search Problems

Prices & Delivery methods

Classroom training

2 days

  • on request
Online training

2 days

  • on request

Дати та реєстрація

Currently there are no training dates scheduled for this course.