top of page
Splunk Training Provider Authorised Learning Partner Australia

Splunk Enterprise Lab

This Splunk Enterprise 24-hour practical lab exercise is designed to take you through the tasks of a complete mock development. Each participant is given access to a specified number of Linux servers and a set of requirements.

 

Participants then perform a mock deployment according to requirements which adhere to Splunk Deployment Methodology and best-practices.


Splunk Credit Value : 100

Duration : First 4 hours instructor led, 24 hours allowed for completion

Time : 11:00 am - 3:00 pm AEST

​

*Course discounts apply for Splunk Partners. Please use the currency convertor above to check for course pricing in your local currency.

Developing Phantom Playbooks
Buy Splunk Enterprise Practical Lab Training Course Now

Extremely proficient at controlling the pace of training. Great explanation of answers & not just reading the content. Very knowledgeable about all content. Looking forward to completing the rest of the of the class.

Highly recommended.

Participant, Splunk Enterprise Data Administration

Class Format

Instructor-led lecture with labs. Delivered via virtual classroom.

Audience

Enterprise architects seeking to sit the Certified Architect exam.

Related Certifications

Splunk Enterprise Certified Architect

Prerequisite Knowledge

To be successful, students should have a solid understanding of the following:

​

  • Splunk Fundamentals 1

  • Splunk Fundamentals 2

  • Or the following single-subject courses:

    • What is Splunk?

    • Intro to Splunk

    • Using Fields

    • Scheduling Reports and Alerts

    • Visualisations

    • Introduction to Knowledge Objects

    • Creating Field Extractions

    • Introduction to Dashboards

 

Students should also understand the following courses:

​

  • Splunk Enterprise System Administration

  • Splunk Enterprise Data Administration

  • Architecting Splunk Enterprise Deployments

  • Troubleshooting Splunk Enterprise

  • Splunk Enterprise Cluster Administration

After completing the Splunk Enterprise Lab you will be able to;

  • You will have a thorough understanding of Splunk Deployment Methodology and best-practices for planning, data collection, and sizing for a distributed deployment.

  • Be able to manage and troubleshoot a standard distributed deployment with indexer and search head clustering.

Developing Phantom Playbooks
Splunk Enterprise Lab - Course Objectives

  • Installation and Infrastructure

  • Install forwarders, indexer, search head, deployment server and license master Configuration and Collection

  • Configure an index cluster

  • Deploy all specified configurations via deployment server

  • Configure inputs from forwarders

  • Configure and confirm index-time knowledge

  • Create search time fields Searching and Reporting

  • Create searches for each required use case

  • Get indexer event acknowledgements

Splunk Enterprise Practical Lab - Upcoming Sessions

bottom of page