8340  Reviews star_rate star_rate star_rate star_rate star_half

Splunk Enterprise System Administration

Who Can Benefit This virtual module is designed for system administrators who are responsible for managing the Splunk Enterprise environment. Administrators Prerequisites To be successful, students...

Read More
$1,500 USD
Duration 2 days
Course Code SPLUNK-ADMIN
Available Formats Classroom

Overview

Who Can Benefit

This virtual module is designed for system administrators who are responsible for managing the Splunk Enterprise environment.

  • Administrators

Prerequisites

To be successful, students should have a solid understanding of the following single-subject modules:

  • To be successful, students must have completed these Splunk Education course(s) or have equivalent working knowledge:
  • Intro to Splunk (ITS)
  • Using Fields (SUF)
  • Intro to Knowledge Objects (IKO)
  • Creating Knowledge Objects (CKO)
  • Creating Field Extractions (CFE)
  • Enriching Data with Lookups (EDL)
  • Data Models (SDM)

Course Details

Certifications

This course is part of the following Certifications:

  • Splunk Enterprise Certified Admin

Splunk Enterprise System Administration

Topic 1 - Splunk Server Deployment

  • Module 1 Deploy Splunk
  • Provide an overview of Splunk
  • Identify Splunk Enterprise components
  • Identify the types of Splunk deployments
  • List the steps to install Splunk
  • Use Splunk CLI commands
  • Explore security best practices
  • Module 2 Monitor Splunk
  • Use Splunk Health Report
  • Enable the Monitoring Console (MC)
  • Use Splunk Assist
  • Use Splunk Diag
  • Module 3 License Splunk
  • Identify Splunk license types
  • Describe license violations
  • Add and remove licenses
  • Module 4 Use Configuration Files
  • Describe Splunk configuration directory structure
  • Understand configuration layering process
  • Use btool to examine configuration settings
  • Module 5 Use Apps
  • Describe Splunk apps and add-ons
  • Install an app on a Splunk instance
  • Manage app accessibility and permissions
  • Module 6 Create Indexes
  • Learn how Splunk indexes functions
  • Identify the types of index buckets
  • Add and work with indexes
  • Overview of metrics index
  • Module 7 Manage Index
  • Review Splunk Index Management basics
  • Identify data retention recommendations
  • Identify backup recommendations
  • Move and delete index data
  • Describe the use of the Fishbucket
  • Restore a frozen bucket
  • Module 8 Manage Users
  • Add Splunk users using native authentication
  • Describe user roles in Splunk
  • Create a custom role
  • Manage users in Splunk
  • Module 9 Configure Basic Forwarding
  • Identify forwarder configuration steps
  • Configure a Universal Forwarder
  • Understand the Deployment Server
  • Module 10 Configure Distributed Search
  • Describe how distributed search works
  • Describe the roles of the search head and search peers

Topic 2 - Splunk Server Monitoring

  • Enable the Monitoring Console (MC)
  • Identify Splunk license types
  • Describe license violations
  • Add and remove licenses
  • Use Splunk Diag

Topic 3 - Splunk Apps

  • Describe Splunk apps and add-ons
  • Install an app on a Splunk instance
  • Manage app accessibility and permissions

Topic 4 - Splunk Configuration Files

  • Describe Splunk configuration directory structure
  • Understand configuration layering process
  • Use btool to examine configuration settings

Topic 5 - Splunk Indexes

  • Learn how Splunk indexes function
  • Identify the types of index buckets
  • Add and work with indexes
  • Overview of metrics index

Topic 6 - Splunk Index Management

  • Review Splunk Index Management basics
  • Identify data retention recommendations
  • Identify backup recommendations
  • Move and delete index data
  • Describe the use of the Fishbucket
  • Restore a frozen bucket

Topic 7 - Splunk User Management

  • Add Splunk users using native authentication
  • Describe user roles in Splunk
  • Create a custom role
  • Manage users in Splunk

Topic 8 - Configuring Basic Forwarding

  • Identify forwarder configuration steps
  • Configure a Universal Forwarder
  • Understand the Deployment Server

Topic 9 - Distributed Search

  • Describe how distributed search works
  • Define the roles of the search head and search peers
|
View Full Schedule

Schedule

4 options available

  • Guaranteed to Run
    Apr 28, 2025 - Apr 29, 2025 (2 days)
    | 9:00 AM 4:00 PM EDT
    Language English
    Select from 1 options below
     |9:00 AM 4:00 PM EDT
    | 9:00 AM 4:00 PM EDT
    Enroll
    Enroll Add to quote
  • Jul 7, 2025 - Jul 8, 2025 (2 days)
    | 9:00 AM 4:00 PM EDT
    Language English
    Select from 1 options below
     |9:00 AM 4:00 PM EDT
    | 9:00 AM 4:00 PM EDT
    Enroll
    Enroll Add to quote
  • Guaranteed to Run
    Sep 8, 2025 - Sep 9, 2025 (2 days)
    | 9:00 AM 4:00 PM EDT
    Language English
    Select from 1 options below
     |9:00 AM 4:00 PM EDT
    | 9:00 AM 4:00 PM EDT
    Enroll
    Enroll Add to quote
  • Nov 17, 2025 - Nov 18, 2025 (2 days)
    | 9:00 AM 4:00 PM CDT
    Language English
    Select from 1 options below
     |9:00 AM 4:00 PM CDT
    | 9:00 AM 4:00 PM CDT
    Enroll
    Enroll Add to quote

FAQ

Does the course schedule include a Lunchbreak?

Classes typically include a 1-hour lunch break around midday. However, the exact break times and duration can vary depending on the specific class. Your instructor will provide detailed information at the start of the course.

What languages are used to deliver training?

Most courses are conducted in English, unless otherwise specified. Some courses will have the word "FRENCH" marked in red beside the scheduled date(s) indicating the language of instruction.

What does GTR stand for?

GTR stands for Guaranteed to Run; if you see a course with this status, it means this event is confirmed to run. View our GTR page to see our full list of Guaranteed to Run courses.

Does Ascendient Learning deliver group training?

Yes, we provide training for groups, individuals and private on sites. View our group training page for more information.

What does vendor-authorized training mean?

As a vendor-authorized training partner, we offer a curriculum that our partners have vetted. We use the same course materials and facilitate the same labs as our vendor-delivered training. These courses are considered the gold standard and, as such, are priced accordingly.

Is the training too basic, or will you go deep into technology?

It depends on your requirements, your role in your company, and your depth of knowledge. The good news about many of our learning paths, you can start from the fundamentals to highly specialized training.

How up-to-date are your courses and support materials?

We continuously work with our vendors to evaluate and refresh course material to reflect the latest training courses and best practices.

Are your instructors seasoned trainers who have deep knowledge of the training topic?

Ascendient Learning instructors have an average of 27 years of practical IT experience and have also served as consultants for an average of 15 years. To stay current, instructors spend at least 25 percent of their time learning new, emerging technologies and courses.

Do you provide hands-on training and exercises in an actual lab environment?

Lab access is dependent on the vendor and the type of training you sign up for. However, many of our top vendors will provide lab access to students to test and practice. The course description will specify lab access.

Will you customize the training for our company’s specific needs and goals?

We will work with you to identify training needs and areas of growth.  We offer a variety of training methods, such as private group training, on-site of your choice, and virtually. We provide courses and certifications that are aligned with your business goals.

How do I get started with certification?

Getting started on a certification pathway depends on your goals and the vendor you choose to get certified in. Many vendors offer entry-level IT certification to advanced IT certification that can boost your career. To get access to certification vouchers and discounts, please contact info@ascendientlearning.com.

Will I get access to content after I complete a course?

You will get access to the PDF of course books and guides, but access to the recording and slides will depend on the vendor and type of training you receive.

How do I request a W9 for Ascendient Learning?

View our filing status and how to request a W9.

Reviews

I liked the pace of the course. I like that I have more than instance to use the lab.

The technical data in the AWS Solutions Architect course was very thorough.

Labs and the study materials provided for Architecting on AWS course are very easy to understand and explains all the topics required to pass the Associate certification.

great class and packed with material, would have lived to spread it more into many days but overall very informative.

the course is good, covers many aspects, wish the lab is a little bit more in depth