Course Description
In the past, when something bad happened to an application, IT Ops folks used to log in to the servers to dig through some logs and try to understand what was going on. But in today’s world, that’s not how things are done. Now there are tools that help you not just collect logs and other data from systems but also understand that data. Empowered by that data, you’ll be able to analyze, troubleshoot, and, most importantly, make better decisions on how to fix problems in applications.
Splunk is one of the first platforms to help make sense of log data. Splunk is not just a tool for IT Ops. It’s a tool for developers. In fact, it’s a tool for everyone who’s interested in using the power of data. There are a lot of use cases for Splunk, but first, you need to learn what it’s capable of and how to get the most out of it.
If you have concerns about security and compliance, don’t worry. You can still be compliant while making life easier with Splunk. You’ll just need to give everyone visibility on what’s happening with your applications in real time or for analysis purposes. And yes—you can do all of this without giving people access to the servers.
Splunk is playing a big role in how organizations make better decisions with meaningful data. Let’s take advantage of it.
Agenda
Part 1: Introduction to Splunk
What’s Splunk?
Authentication Methods
Access Controls & Users
Products, Licensing, and Costs
Quick Tour Guide: User Interface
Exercise: Lab Environment and Configuration
Part 2: Application Types with Splunk
Security Information and Event Management (SIEM)
Artificial Intelligence for IT Operations (AIOps)
Application Log Management
Machine Learning
Compliance
Part 3: Splunk Architecture(s)
Forwarders
Indexes
Search Head
Part 4: Indexes
What are Indexes?
What are Indexers?
How Does it Work?
Configuration
Exercise: Indexes and Indexers in Practice
Part 5: Getting Data Into Splunk
What are Forwarders?
Getting Data into Indexer
Files
Networking
Others
Different Configuration Types
Exercise: Configuring a Forwarder
Part 6: Searches
Creating Searches
Refine Searches
Save Searches
Search Language
Optimizing Searches
Exercise: Creating Searches
Part 7: Dashboards and Visualizations
Visualization Types
Exercise: How to Create a Dashboard
Part 8: Alerts and Scheduled Reports
What are Alerts?
Exercise: Configuring Alerts
What are Scheduled Reports?
Creating Reports with Dashboards
Exercise: Configuring Scheduled Reports
Part 9: Apps and Add-Ons
Architecture
Installation and Configuration
App Deployment
Exercise: Integrating Apps and Add-Ons
Part 10: Splunk Administration
Installation
Configuration
Administration
Exercise: Install and Configure on Virtual Machines
Exercise: Install and Configure Using Containers
Part 11: Putting All Pieces Together
Exercise: Sending Nginx logs to Splunk to be notified with alerts and get some visibility by using Dashboards. Simulate problems in the application and troubleshoot using Searches.