Splunk - Beginner to Architect 2019
Getting Started
Introduction to the Course (2:40)
Download Links - Tutorial Data, Samples and Logs
Introduction to Splunk & Setting Up Labs
Introduction to Splunk (6:50)
Introduction to Docker Containers (9:47)
Setting up Docker Environment (11:55)
Installing Splunk - Docker Approach (6:16)
Installation Manual - Docker and RPM (6:32)
Installing Splunk - RPM Approach (6:32)
Data Persistence for Container Volumes (7:26)
Important Pointer for Docker in Windows (3:15)
Document - Persistent Docker Volume
Splunk Licensing Model (4:56)
Splunk Developer 10GB License (2:35)
Importing License into Splunk (2:02)
Getting Started with Splunk
Importing Data to Splunk (12:03)
Sample Tutorial Logs
Security Use-Case - Finding Attack Vectors (14:45)
Search Processing Language (SPL) (18:35)
Splunk Search Assistant (4:24)
Splunk Reports (6:39)
Splunk Report - Email Clarification (Followup) (1:22)
Understanding Add-Ons and Apps (12:42)
Splunk Add-On for AWS (10:14)
Splunk App for AWS (11:29)
Overview of Dashboards and Panels (7:41)
Building Dashboard Inputs - Time Range Picker (7:29)
Building Dashboard Inputs - Text Box (5:34)
Building Dashboard Inputs - Drop down (5:48)
Building Dashboard Inputs - Dynamic DropDown (3:24)
Splunk Architecture
Directory Structure of Splunk (10:48)
Splunk Configuration Directories (11:44)
Splunk Configuration Precedence (6:09)
Splunk Configuration Precedence - Apps and Locals (4:05)
Introduction to Indexes (12:36)
Bucket Lifecycle (17:18)
Warm to Cold Bucket Migration (7:28)
Archiving Data to Frozen Path (8:14)
Thawing Process (6:21)
Splunk Workflow Actions (5:58)
Forwarder & User Management
Overview of Universal Forwarders (4:49)
Installing Universal Forwarder in Linux (14:47)
Installation Manual - Splunk Universal Forwarder
Challenges in Forwarder Management (6:57)
Introduction to Deployment Server (8:43)
ServerClass and Deployment Apps (11:27)
Creating Custom Add-Ons for deployment (11:51)
Pushing Splunk Linux Add-On via Deployment Server (8:54)
Post Installation Activities
Understanding Regular Expressions (15:49)
Regex - Exercise
Parsing Web Server Logs & Named Group Expression (10:05)
Sample - Web Server Logs
Importance of Source Types (7:41)
Interactive Field Extractor (IFX) (5:50)
props.conf and transforms.conf (16:43)
Sample Log - MySQL Error Logs
Splunk Event Types (6:15)
Tags (6:53)
Splunk Events Types Priority and Coloring Scheme (7:12)
Splunk Lookups (13:51)
Splunk Alerts (7:17)
Security Primer
Access Control (10:26)
Creating Custom Roles & Capabilities (10:51)
Distributed Splunk Architecture
Overview of Distributed Splunk Architecture (7:14)
Understanding License Master (5:06)
Implementing License Master (5:43)
License Pools (6:12)
Indexer (4:51)
Masking Sensitive Data at Index Time (6:17)
Search Head (3:50)
Splunk Monitoring Console (6:32)
Indexer Clustering
Overview of Indexer Clustering (4:19)
Deploying Infrastructure for Indexer Cluster (7:18)
Document - Deploying Indexer Cluster Docker Containers
Master Indexer (7:45)
Peer Indexers (6:21)
Testing Replication and Failover capabilities (9:29)
Configuration Bundle (10:32)
Configuration Bundle - Part 02 (4:37)
Forwarding Logs to Indexer Cluster (11:34)
Indexer Discovery (10:02)
Indexer Discovery - Document
Searching Head Clustering
Overview of Search Head Clusters (3:50)
Deploying Infrastructure for Search Head Cluster (6:43)
Configuring Cluster Setup on Search Heads (12:00)
Search Head Clustering Setup - Document
Validating Search Head Replication (2:18)
Pushing Artifacts through Deployer (6:50)
Connecting Search Head Cluster to Indexer Cluster (6:02)
SH to IDX Cluster Document
Advanced Splunk Concepts
Using Btool for Troubleshooting (8:53)
Overview of Data Models (5:08)
Creating Data Model - Practical (13:31)
Splunk Support Programs (8:06)
Installation Manual - Splunk Universal Forwarder