Workshop - Splunk Administrator
Buy now
Learn more
Discussions
Section 0 - Welcome & Orientation
About O-Line Security
Your Instructor
Section 1 - Foundations
Expectations & Objectives
What is a Splunk Administrator?
Section 2 - Environment Setup
Why AWS EC2 Infrastructure?
Understanding AWS Costs for Splunk Labs: Instances, Storage, and Optimization
Creating an EC2 Instance for Splunk Deployment
Install Splunk Enterprise
Configure Splunk Enterprise
EC2 Instance Lifecycle and IP Changes: What to Know Before You Stop or Start
Final Environment Validation and Readiness Check
Lab
Section 3 - Introduction to Splunk Configuration Files
Foundations and Structure
UI vs Backend Configuration Mapping
Precedence, Layering, and Troubleshooting
Configuration Precedence with BTOOL
Lab
Section 4 - Splunk Components
Instance Types
Identifying Instance Types
Section 5 - From UI to Configuration Files
Navigating Splunk Web as an Administrator
UI Changes to .conf Files
Section 6 - Splunk Administration: Users, Roles, and Access Control
Creating Users in Splunk
Creating Users in Splunk Web
Managing Users via CLI (Command Line Interface)
Validating User Access and Role Permissions in Splunk
Lab
Creating Roles in Splunk
Configuring Role Permissions in Splunk
Configuring Role Capabilities in Splunk
Configuring Role Settings
Defining Role Restrictions in Splunk
Implementing Roles Through Configuration Files
Authentication.conf and Authorize.conf
Section 7 - Splunk Platform Management
Index Configuration and Management
Creating Indexes via Splunk Web
Creating Indexes via CLI
Lab
Bucket Lifecycle in Splunk
Hot to Frozen Explained
Understanding Bucket Lifecycle in Splunk
Configuring Bucket Rolling in Splunk
Data Lifecycle
Data Ingestion in Splunk
Ingesting Data Using the Splunk CLI
Validating Ingested Data in Splunk
Lab
Auth Logs
Web Logs
Section 8 - Splunk Configuration Files and Management
Mapping Splunk Behavior to Configuration Files
inputs.conf
indexes.conf
server.conf
props.conf
transforms.conf
deploymentclient.conf
serverclass.conf
outputs.conf
authentication.conf & authorize.conf
How Splunk Configuration Files Work Together
Section 9 - Splunk Maintenance and Operations
Maintaining the Splunk Environment
Splunk Backup Strategies and Best Practices
Permission Management in Splunk
Analyzing Index Data with dbinspect
Monitoring Splunk with the Monitoring Console
Maintenance in Action
Gaining Insight and Visibility
Enhancing Visibility with Splunk Dashboards
Building Alerts for Monitoring and Response
Section 10 - Capstone Project
Capstone Overview
Capstone Project Review
Project Data Logs
Section 11 - Career Development Pack
Career Development
Resume Builder
Interview Q&A
LinkedIn
Section 12 - Next Steps
One Final Thought
Products
Course
Section
Lesson
Interview Q&A
Interview Q&A
Workshop - Splunk Administrator
Buy now
Learn more
Discussions
Section 0 - Welcome & Orientation
About O-Line Security
Your Instructor
Section 1 - Foundations
Expectations & Objectives
What is a Splunk Administrator?
Section 2 - Environment Setup
Why AWS EC2 Infrastructure?
Understanding AWS Costs for Splunk Labs: Instances, Storage, and Optimization
Creating an EC2 Instance for Splunk Deployment
Install Splunk Enterprise
Configure Splunk Enterprise
EC2 Instance Lifecycle and IP Changes: What to Know Before You Stop or Start
Final Environment Validation and Readiness Check
Lab
Section 3 - Introduction to Splunk Configuration Files
Foundations and Structure
UI vs Backend Configuration Mapping
Precedence, Layering, and Troubleshooting
Configuration Precedence with BTOOL
Lab
Section 4 - Splunk Components
Instance Types
Identifying Instance Types
Section 5 - From UI to Configuration Files
Navigating Splunk Web as an Administrator
UI Changes to .conf Files
Section 6 - Splunk Administration: Users, Roles, and Access Control
Creating Users in Splunk
Creating Users in Splunk Web
Managing Users via CLI (Command Line Interface)
Validating User Access and Role Permissions in Splunk
Lab
Creating Roles in Splunk
Configuring Role Permissions in Splunk
Configuring Role Capabilities in Splunk
Configuring Role Settings
Defining Role Restrictions in Splunk
Implementing Roles Through Configuration Files
Authentication.conf and Authorize.conf
Section 7 - Splunk Platform Management
Index Configuration and Management
Creating Indexes via Splunk Web
Creating Indexes via CLI
Lab
Bucket Lifecycle in Splunk
Hot to Frozen Explained
Understanding Bucket Lifecycle in Splunk
Configuring Bucket Rolling in Splunk
Data Lifecycle
Data Ingestion in Splunk
Ingesting Data Using the Splunk CLI
Validating Ingested Data in Splunk
Lab
Auth Logs
Web Logs
Section 8 - Splunk Configuration Files and Management
Mapping Splunk Behavior to Configuration Files
inputs.conf
indexes.conf
server.conf
props.conf
transforms.conf
deploymentclient.conf
serverclass.conf
outputs.conf
authentication.conf & authorize.conf
How Splunk Configuration Files Work Together
Section 9 - Splunk Maintenance and Operations
Maintaining the Splunk Environment
Splunk Backup Strategies and Best Practices
Permission Management in Splunk
Analyzing Index Data with dbinspect
Monitoring Splunk with the Monitoring Console
Maintenance in Action
Gaining Insight and Visibility
Enhancing Visibility with Splunk Dashboards
Building Alerts for Monitoring and Response
Section 10 - Capstone Project
Capstone Overview
Capstone Project Review
Project Data Logs
Section 11 - Career Development Pack
Career Development
Resume Builder
Interview Q&A
LinkedIn
Section 12 - Next Steps
One Final Thought
Lesson unavailable
Please
login to your account
or
buy the course
.