• No products in the cart.

Splunk Enterprise System Administration Course Description

This 2-day Splunk enterprise system admin course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides the fundamental knowledge of Splunk license manager, indexers, and search heads. It covers configuration, management, and monitoring core Splunk Enterprise components.

Splunk is a software that enables and manages search data from any application, server, and network device in no time. Splunk makes machine data reachable, utilizable and helpful to everyone. It’s the secure way to examine the enormous streams of machine data produced by technology infrastructure and IT systems —virtual, physical, and in the cloud.


Splunk Enterprise System Admin Course Learning Outcomes;

  • Splunk Deployment Overview
  • License Management
  • Splunk Apps
  • Splunk Configuration Files
  • Users, Roles, and Authentication
  • Getting Data In
  • Distributed Search
  • Introduction to Splunk Clusters


Splunk Enterprise System Admin Training – Suggested Audience

Suggested audience are;

  • Software Developers
  • System Administrators
  • Search analysts
  • Database experts
  • Administrators


Splunk Enterprise System Administration Training – Prerequisites

Splunk 6.6 Fundamentals Part 1. You could go through this free training here. You should have completed Splunk Fundamentals Part 2.


Splunk Enterprise System Administration In-house/Corporate Training

If you have a group of 5-6 participants, apply for in-house training. For commercials please send us an email with group size to

Course Curriculum

Module 1 - Splunk Developer Overview
Splunk overview Details 00:00:00
Identify Splunk components Details 00:00:00
Identify Splunk system administrator role Details 00:00:00
Module 2 - License Management
Identify license types Details 00:00:00
Describe license violations Details 00:00:00
Add and remove licenses Details 00:00:00
Module 3 - Splunk Apps
Describe Splunk apps and add-ons Details 00:00:00
Install an app on a Splunk instance Details 00:00:00
Manage app accessibility and permissions Details 00:00:00
Module 4 - Splunk Configuration Files
Describe Splunk configuration directory structure Details 00:00:00
Understand configuration layering process Details 00:00:00
Use btool to examine configuration settings Details 00:00:00
Module 5 - Splunk Indexes
Describe index structure Details 00:00:00
List types of index buckets Details 00:00:00
Create new indexes Details 00:00:00
Monitor indexes with Monitoring Console Details 00:00:00
Module 6 - Search Head Cluster
Apply a data retention policy Details 00:00:00
Backup data on indexers Details 00:00:00
Delete data from an index Details 00:00:00
Restore frozen data Details 00:00:00
Module 7 - Splunk User Management
Describe user roles in Splunk Details 00:00:00
Create a custom role Details 00:00:00
Add Splunk users Details 00:00:00
Module 8 - Splunk Authentication Management
Integrate Splunk with LDAP Details 00:00:00
List other user authentication options Details 00:00:00
Describe the steps to enable Multifactor Authentication in Splunk Details 00:00:00
Module 9 - Getting Data In
Describe the basic settings for an input Details 00:00:00
List Splunk forwarder types Details 00:00:00
Configure the forwarder Details 00:00:00
Add an input to UF using CLI Details 00:00:00
Module 10 - Distributed Search
Describe how distributed search works Details 00:00:00
Explain the roles of the search head and search peers Details 00:00:00
Configure a distributed search group Details 00:00:00
List search head scaling options Details 00:00:00

Course Reviews


  • 5 stars0
  • 4 stars0
  • 3 stars0
  • 2 stars0
  • 1 stars0

No Reviews found for this course.