Troubleshooting Splunk Enterprise (TSE)
Who should attend
This 9-hour module is designed for Splunk administrators.
Prerequisites
To be successful, students should have a solid understanding of the following modules:
- Splunk Fundamentals 1 (Retired)
- Splunk Fundamentals 2 (Retired)
Or the following single-subject modules:
- What is Splunk? (WIS)
- Intro to Splunk (ITS)
- Using Fields (SUF)
- Scheduling Reports & Alerts (SRA)
- Visualizations (SVZ)
- Leveraging Lookups and Subsearches (LLS)
- Search Under the Hood (SUH)
- Intro to Knowledge Objects (IKO)
- Creating Knowledge Objects (CKO)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Introduction to Dashboards (ITD)
Student should also have completed the following modules:
Course Objectives
- Splunk Troubleshooting Methods and Tools
- Indexing Problems
- Input Configuration Problems
- Deployment Problems
- License, Upgrade, and User Management Problems
- Search Management Problems
- User Search Problems
- Understand the Splunk Support Model and its resources
- Identify the best practices for troubleshooting Splunk Enterprise
- List ways to gather useful Splunk diagnostic information
- Use Splunk diagnostic tools
- Identify common Splunk technical issues and solve them
Course Content
It covers topics and techniques for troubleshooting a standard Splunk distributed deployment using the tools available with Splunk Enterprise.
This lab-oriented class is designed to help you gain troubleshooting experience before attending more advanced modules. You will debug a distributed Splunk Enterprise environment using the live system.
This module does not cover the issues surrounding Splunk Cloud, Splunk Clusters, or Splunk premium apps.
Online Training
Modality: L
Duration 9 hours
Price (excl. tax)
- Eastern Europe: 1,000.— €
Schedule
English
Time zone: Central European Summer Time (CEST)
Instructor-led Online Training:
This computer icon in the schedule indicates that this date/time will be conducted as Instructor-Led Online Training.
