Transitioning to Splunk Cloud (TSC)

 

Course Content

This 9-hour virtual course is for experienced on-prem administrators and anyone needing to ramp-up on Splunk Cloud to get more knowledge and experience of managing Splunk Cloud instances.

The course discusses the differentiators between on-prem Splunk and the different Splunk Cloud offerings. Modules include topics on how migrate data collection and ingest from on-prem Splunk to Splunk Cloud as well as highlighting Splunk Cloud specific differences and best practices to manage a productive Splunk SaaS deployment. For Splunk Administrators who have undertaken the System and Data Administration learning pathways, this course highlights key differences between Splunk Enterprise deployed on-premises and Splunk Enterprise Cloud to allow to ramp up their data and system management skills to transition to Splunk Cloud. The hands-on lab provides access to and experience of managing a Splunk Cloud instance.

Note: Splunk Cloud Administration and Transitioning to Splunk Cloud SHOULD NOT be taken together as both are designed to develop Splunk Cloud specific skills and as such there is some overlap.

Please note that this course may run over two days, with 4.5 hour sessions each day.

Who should attend

Splunk Enterprise Administrators

Certifications

This course is part of the following Certifications:

Prerequisites

To be successful, students must have completed these Splunk Education course(s) or have equivalent working knowledge:

Additional courses and/or knowledge in these areas are also highly recommended:

Outline: Transitioning to Splunk Cloud (TSC)

Module 1 – Splunk Cloud Overview

  • Describe Splunk and Splunk Cloud features and topology
  • Identify Splunk Cloud administrator tasks
  • Describe Splunk Cloud purchasing options and differences between Classic and Victoria experience
  • Secure Splunk deployments best practices
  • Explain Splunk Cloud data ingestion strategies

Module 2 – Splunk Cloud Migration

  • Understand the Splunk Cloud migration journey
  • Determine Splunk Cloud migration readiness
  • Identify Splunk Cloud migration preparation tasks, strategies, and possible challenges

Module 3 – Managing Users

  • Identify Splunk Cloud authentication options
  • Add Splunk users using native authentication
  • Create a custom role
  • Integrate Splunk with LDAP, Active Directory or SAML
  • Use Workload Management to manage user resource usage
  • Manage users in Splunk

Module 4 – Managing Indexes

  • Understand cloud indexing strategy
  • Define and create indexes
  • Manage data retention and archiving
  • Delete and mask data from an index
  • Monitor indexing activities

Module 5 – Managing Apps

  • Review the process for installing apps
  • Define the purpose of private apps
  • Upload private apps
  • Describe how apps are managed

Module 6 – Configuring Forwarders

  • List Splunk forwarder types
  • Understand the role of forwarders
  • Configure a forwarder to send data to Splunk Cloud
  • Test the forwarder connection
  • Describe optional forwarder settings

Module 7 – Common Inputs

  • Describe forwarder inputs such as files and directories
  • Create REST API inputs
  • Create a basic scripted input
  • Create Splunk HTTP Event Collector (HEC) agentless inputs

Module 8 – Additional Inputs

  • Understand how inputs are managed using apps or add-ons
  • Explore Cloud inputs using Splunk Connect for Syslog, Data Manager, Inputs Data Manager (IDM), Splunk Edge Processor, and Splunk Edge Hub

Module 9 – Using Ingest Actions

  • Explore Splunk transformation methods
  • Create and manage rulesets with Ingest Actions
  • Mask, filter and route data with Ingest Action rules

Module 10 – Managing Splunk Cloud

  • Secure ingest with Splunk Cloud Private Connectivity with AWS
  • Describe Federated Search functionality
  • Describe Splunk connected experience apps such as Splunk Secure Gateway
  • Monitor and manage resource utilization by business units and users using Splunk App for Chargeback
  • Perform self-service administrative tasks in Splunk Cloud using the Admin Config Service

Module 11 – Supporting Splunk Cloud

  • Know how to isolate problems before contacting Splunk Cloud Support
  • Use Isolation Troubleshooting
  • Define the process for engaging Splunk Support

Appendix

  • Explore Splunk security fundamentals

Prices & Delivery methods

Online Training

Duration
9 hours

Price
  • US $ 1,000
  • Splunk Training Units: 100 SPC
Enroll now
Request a date
Classroom Training

Duration
9 hours

Price
  • United States: US $ 1,000
  • Splunk Training Units: 100 SPC
Enroll now
Request a date

Click on town name or "Online Training" to book Schedule

Instructor-led Online Training:   This is an Instructor-Led Online (ILO) course. These sessions are conducted via WebEx in a VoIP environment and require an Internet Connection and headset with microphone connected to your computer or laptop. If you have any questions about our online courses, feel free to contact us via phone or Email anytime.

United Kingdom

 Online Training Time zone: British Summer Time (BST) Enroll
Online Training Time zone: British Summer Time (BST) Enroll