SPLK-1002: Splunk Core Certified Power User Certification Video Training Course
The complete solution to prepare for for your exam with SPLK-1002: Splunk Core Certified Power User certification video training course. The SPLK-1002: Splunk Core Certified Power User certification video training course contains a complete set of videos that will provide you with thorough knowledge to understand the key concepts. Top notch prep including Splunk SPLK-1002 exam dumps, study guide & practice test questions and answers.
SPLK-1002: Splunk Core Certified Power User Certification Video Training Course Exam Curriculum
Introduction
-
1. Introduction00:23
Introduction to Splunk Enterprise
-
1. Introduction to Module 0100:23
-
2. What is Splunk?04:41
-
3. Products of Splunk: Splunk Light02:04
-
4. Products of Splunk: Splunk Cloud01:51
-
5. Products of Splunk: Splunk Enterprise02:41
-
6. Products of Splunk: Hunk & Premium Apps04:48
-
7. Components of Splunk: Search Head01:36
-
8. Components of Splunk: Indexer01:22
-
9. Components of Splunk: Universal Forwarder01:37
-
10. Components of Splunk: Heavy Forwarder02:28
-
11. Components of Splunk: Deployment Server02:33
-
12. Components of Splunk: Cluster Master00:59
-
13. Splunk Package Downloads: Part 104:45
-
14. Splunk Package Downloads: Part 204:15
-
15. Splunk Package Downloads: Part 302:55
-
16. Splunk Add on and Application downloads05:11
-
17. Splunk GUI Overview : Part 105:50
-
18. Splunk GUI Overview : Part 204:54
-
19. Splunk GUI Overview : Part 305:42
-
20. Splunk GUI Overview : Part 405:40
-
21. Splunk GUI Overview : Part 505:14
-
22. Splunk GUI Overview : Part 607:18
-
23. Splunk Searching Basics : Part 105:37
-
24. Splunk Searching Basics : Part 205:43
-
25. Splunk Licensing02:53
-
26. Getting Help on Splunk Issues : Part 106:54
-
27. Getting Help on Splunk Issues : Part 201:32
-
28. Get 10 GB Free license of Splunk02:33
Designing Splunk Architecture
-
1. Splunk Visio Stencils usage06:39
-
2. Estimation of License required02:54
-
3. Evaluation : Search Head and Indexers04:49
-
4. Evaluation : Heavy Forwarder, License Manager and Deployment Server06:13
-
5. Estimation of Storage for Indexers05:04
-
6. Small Enterprise Architecture review05:47
-
7. Medium Enterprise Architecture review06:49
-
8. Large Enterprise Architecture review : Part 105:12
-
9. Large Enterprise Architecture review : Part 204:53
-
10. Understanding clustering and High Availability in Splunk08:12
-
11. Hardware Requirements for Splunk Architecture04:53
-
12. Capacity Planning for your Architecture02:12
Installation and Configuration of Splunk Components
-
1. Prerequisites for Splunk Installation : Part 103:34
-
2. Prerequisites for Splunk Installation : Part 208:40
-
3. Directory Structure of Splunk05:42
-
4. Configuration Hierarchy in Splunk06:27
-
5. Configuration Hierarchy in Splunk : Practical Example05:03
-
6. Testing Configuration Precedence04:53
-
7. Concluding Configuration Precedence04:51
-
8. Installation of Splunk Enterprise04:34
-
9. Installation of Splunk Universal Forwarder03:33
-
10. Installation of Splunk Search Head04:19
-
11. Installation of Splunk Indexers05:28
-
12. Installation of Splunk Heavy Forwarders and Deployment Servers05:35
-
13. Enable SSL on Splunk Enterprise Instance08:15
-
14. Enabling SSL from CLI04:33
-
15. Index, Indexes and Indexers05:02
-
16. Configuring Indexer: Enable Reciever03:39
-
17. Enabling Reciever from CLI and Configuration File Edit07:22
-
18. Default Index04:28
-
19. Index Creation From Splunk Web and Splunk CLI03:42
-
20. Index creation from Splunk Edit configuration file05:47
-
21. Configure Search head From Splunk Web05:46
-
22. Configure Search head From Splunk CLI04:09
-
23. Configure Search head From editing Configuration Files06:55
-
24. Configure Heavy Forwarder using Splunk Web and CLI06:39
-
25. Configure Heavy Forwarder using Splunk Configuration File Edit04:50
-
26. Configure Deployment Server From Splunk Web03:54
-
27. Configure Deployment Server From Splunk Configuration Edit05:16
-
28. Adding Clients to Deployment Server07:47
-
29. Deployment Client Config CLI and on Configuration Edit on Universal Forwarder07:24
-
30. Splunk License Manager Configuration05:23
-
31. Splunk Licensing Pool and Client Configuration07:35
Splunk Post Installation Activities : Knowledge Objects
-
1. Uploading Data to Splunk08:02
-
2. Adding Data to Splunk via configuration file edit05:02
-
3. Adding Data to Splunk via Splunk CLI02:58
-
4. Validation of On Boarded Data03:52
-
5. Source Sourcetype and Host Configuration07:10
-
6. Source Parameter Explaination01:30
-
7. Field Extraction Using IFX07:27
-
8. Field Extraction Using REX05:21
-
9. Adding Field Extraction to Search05:54
-
10. REGEX searching in Splunk05:06
-
11. Props Extract Command04:25
-
12. Props Report and Transforms04:38
-
13. Props.conf Location01:01
-
14. Eventtypes Creation and permission05:11
-
15. Eventtypes Use Case04:42
-
16. Tags Creation05:21
-
17. Manual Creation of Tags05:31
-
18. Lookups Creation in Splunk06:46
-
19. Searching Using Lookups in Splunk03:48
-
20. Lookups Use Case Example04:19
-
21. Creating Macros in Splunk07:48
-
22. Searching in Splunk05:06
-
23. Search Modes in Splunk07:41
-
24. Creating Alerts in Splunk05:17
-
25. Splunk Alert Condition and Sharing05:36
-
26. Editing Splunk alert and Alerts Actions03:56
-
27. Creating Splunk Reports04:46
-
28. Splunk Report Scheduling and Accelerating Reports05:10
-
29. Embeding Reports in External Applications04:46
-
30. Creating Dashboards in Splunk05:12
-
31. Adding Panels to Dashboards And adding Panel from Report05:17
Splunk Inbuilt & Advanced Visualizations
-
1. Editing Dashboard Using Source06:17
-
2. Dashboard Filters: Time Range05:08
-
3. Dashboard Filters: Text Box05:28
-
4. Dashboard Filters: Dropdown04:23
-
5. Dashboard Filters: Dynamic Filters08:26
-
6. Dashboard Drill down Example04:37
-
7. Dashboard Drilldown Configuration06:06
-
8. Dashboard Drilldown to Same dashboard04:52
-
9. What is a Splunk Workflow?04:20
-
10. Creating a Splunk Work Flow05:30
-
11. Demo of Splunk Work Flow Example02:27
-
12. Visualizations in Splunk05:22
-
13. Rest of the default Visualtization in Splunk07:11
-
14. Editing XML for Dashboards05:36
-
15. Adding Panel by Editing XML05:31
-
16. Out Of The Box Dashboards Examples06:07
-
17. Out Of The Box Journey Flow05:39
-
18. Exporting And Scheduled Dashboards06:30
Splunk Apps And Add-On's
-
1. What is an Add on?02:48
-
2. Installing Splunk Add on From Splunk Web07:10
-
3. Installing Splunk Add on From Splunk CLI04:23
-
4. Installation of Splunk App05:10
-
5. Disabling an App or Add on05:33
-
6. Creating your Own Splunk App02:53
-
7. Creating your Own Splunk App using Linux CLI06:04
-
8. Custom Navigation inside Apps : Part 105:26
-
9. Custom Navigation inside Apps : Part 207:16
-
10. Creating your Own Splunk App Via Splunk Web04:25
-
11. Custom Navigation inside Apps Using Splunk Web05:11
-
12. Custom Static Content Location for Apps04:58
-
13. Changing Custom Background of Login Page01:12
-
14. Custom Logo for the Splunk Login Page02:58
-
15. Customizing App Icon04:11
Forwarder Management And User Management
-
1. Splunk Forwarder Management02:28
-
2. Creating ServerClass.conf File04:29
-
3. ServerClass and DeploymentClient Configuration Files05:10
-
4. Apps on Deployment Server05:48
-
5. Deploying Apps using Deployment Server05:25
-
6. Creating Server Groups Using ServerClass.conf05:50
-
7. Creating Base Configurations05:04
-
8. Deploying Apps on Universal Forwarder Using Deployment Server03:19
-
9. Updating configuration and Deploying03:18
-
10. Forward Data out of the Splunk02:01
-
11. User Management in Splunk06:21
-
12. Creating Roles : Part 105:44
-
13. Creating Roles : Part 203:53
-
14. Creating Users : Part 101:15
-
15. Creating Users : Part 202:03
Splunk Indexer And Search Head Clustering
-
1. Introduction to Clustering and Indexer Clustering UseCase05:40
-
2. Search Head Clustering Use Case01:11
-
3. Single Site indexer Clustering02:29
-
4. Multisite Indexer Clustering02:43
-
5. Search Head Clustering00:56
-
6. Search Factor And Replication Factor02:06
-
7. Search Head Clustering Requirement Evaluation01:21
-
8. Heavy Forwarder Clustering01:59
-
9. Handson Indexer Clustering : part 0104:10
-
10. Handson Indexer Clustering : part 0204:41
-
11. Handson Indexer Clustering : part 0304:12
-
12. Handson Indexer Clustering : part 0405:06
-
13. Handson Indexer Clustering : part 0505:32
-
14. Handson Multisite Indexer Clustering : Part 0103:44
-
15. Handson Multisite Indexer Clustering : Part 0204:31
-
16. Handson Multisite Indexer Clustering : Part 0304:41
-
17. Handson Search Head Clustering : Part 0105:17
-
18. Handson Search Head Clustering : Part 0205:03
-
19. Handson Search Head Clustering : Part 0304:55
-
20. Search Head Clustering Validation03:41
Splunk Advanced Concepts
-
1. Binding Splunk to an IP Address02:18
-
2. Changing Process Name of Splunk Processes03:13
-
3. Disabling Splunk Web Components03:59
-
4. Splunk CLI Selective Restarting03:10
-
5. Splunk CLI: ENABLE, DISABLE and ADD commands02:42
-
6. Splunk CLI: Show Commands03:01
-
7. Splunk CLI: BTOOL Usage08:35
-
8. Splunk Quick Hacks for Restarting Splunk Web Components02:57
-
9. Splunk Creating Datamodels05:21
-
10. Splunk Datamodels Accelerations04:15
-
11. Splunk Datasets and Searchs06:14
-
12. Splunk Universal Forwarder Scripted Deployments06:54
Building Splunk Enterprise Architecture on Amason AWS Under 60 Minutes
-
1. Introduction to building Enterprise Architecture on Amazon AWS05:11
-
2. Building Splunk Enterprise Architecture on Amason AWS Under 60 Minutes59:18
Splunk Use Cases Of All Industries
-
1. Security Use Case: SQL Injection Detection in Splunk15:36
Congrats: Completion of the Course
-
1. Congrats: All the best for your Careers and Future Splunk learnings00:38
About SPLK-1002: Splunk Core Certified Power User Certification Video Training Course
SPLK-1002: Splunk Core Certified Power User certification video training course by prepaway along with practice test questions and answers, study guide and exam dumps provides the ultimate training package to help you pass.
Installation and Configuration of Splunk Components
6. Testing Configuration Precedence
The simplest way to check is probably to search for our internal locks index, which is equal to internal. Let us run for the last 15 minutes, which should be fine because there are two host names in the last 15 minutes. This was before we were testing hierarchical; if we keep it for just like the last five minutes, we'll be able to see our configuration from the host. System local has been picked up as per our configuration.
This is right. So this overwrites any configuration that has been defined in this location? We didn't change any default locations because it is highly recommended to edit any configuration under system default. We have edited these three configurations out. Of these totals, system-local got the highest preference. The configuration, as you can see, is reflected in our host name. Now, what happens if I eliminate my first one? By now, it should be clear that the hostname should be picked up from system local. Let us remove our configuration from system-local. ATC system local is where we define our configuration. Let us remove this, or you can comment it out, or you can completely remove it. I'll go ahead and restart my Splunk instance.
What do we expect to have on the host field now? It should be hosted under "app local," so that our second preference should be picked up from the application local directory. Our Splunk has been successfully restarted. Let me log in. Let me rerun the search for the last five minutes. As we can see, there is now a newhost entry, host under app local. since the last five minutes. This was the system default before editing any configuration, and this was after editing or specifying. the same configuration under four different hierarchies. The system local was clearly one, and we saw the first one's reflection when we saw the second one.
When we remove the configuration from here, even though the default is there, it will be overwritten by our local app local.It picked up our second hierarchy according to our understanding, so let us go ahead and remove our local app as well, so we'll be going under etc. apps for that. This is the app name where we edit the configuration; we will remove the local configuration now that the final fight is to pick up the configuration. The final fight will be between app default and system default. Let us restart a Splunk instance. Once we have restarted our Splunk instance, we should be able to see the latest host entry that will be under "App Default."
7. Concluding Configuration Precedence
Now our Splunk server has restarted. Let us log in. I'll look for events that occurred within the last minute so that we only see the most recent ones. As you can see now, we have a new entry host under "App Default." As per our understanding, we are clear that when the same configuration is defined in all four locations, whatever is defined in System Local will come up as the winner, and Splunk, while starting up, picks up any configuration here as it's the final configuration.
If it can't find the configuration here, it looks in the following three directories. If these three directories are selected, App Local will be the winner, and it will have the final configuration when starting this plan. Similarly, the app default and system default When there are conflicting or identical configurations, the app default will take precedence over any configuration between these two. If Splunk, while starting up, couldn't find any configuration or customization that has been defined in these three, it would look for our system default.
Let us go back and remove our default configuration from the app's default directory. I'll comment these out and restart my Splunk instance, so everything should be back to normal now. We have not customised any configuration whatsoever. It should be picking up directly from the system default location now that Splunk has started. Let me redundancy the search and rerun it. If you check for the latest event, it will be our default host name. System Default If you want to know where the system default is picking up, the host name is ATC System Default Inputs. It is mentioned as "deciding on startup."
So if your capital hostname command is defined on your OS, it can pick it up from the OS. So what this decide on startup does is, while starting up Splunk, it will check for the host name of the machine where Splunk is installed, and it will take that host name and assign it to your logs that are generated out of those machines. To be clear, when you are troubleshooting a configuration or editing a configuration in appdefault or app local, you will notice that it does not reflect the syntax being correct and everything. However, there may be a configuration in System Local that overwrites anything you define in these three locations.
Also, keep in mind that you should never attempt to modify the default location folder. Let me demonstrate that, regardless of whether your system account is used to run Splunk privileged or normal, these files in the system default will only have read permission. As you can see, this is the system default for all read permissions. Splunk highly recommends not editing these files so that if you mess up any configuration, your Splunk might never stop. Make sure you never touch these files if you want to edit them. Copy these files to any of these three locations and modify them.
8. Installation of Splunk Enterprise
Tutorial. I've created four machines to understand how we're going to install Splunk indexer, Splunk searcher, Splunk heavy forwarder, and Splunk deployment server, which we will also be using in this tutorial, and have configured all the credentials. and created our application users and metall selinx disabling PHP disabling firewall rules prerequisites All these have been taken care of so that we can get right into our installation part. If you're unsure about the prerequisites, just go back a few tutorials where we've solely discussed the prerequisites of our Splunk installation. Let me log into one of the Splunk instances. This is our Splunk searcher. I've logged in by default as an EC2 user. I'm going to become a privilege user.
So this is the command used in Linux to switch into privileged mode. This is our Splunk searcher, as you can see. I've already downloaded the Splunk installation package, which is the latest six six two. Let me now demonstrate how simple it is to install a package in Linux or how we will install Splunk. All I'm doing is rpm for Red Hat package manager, iPhone I for install, iPhone V for verbose mode, and iPhone H for human-readable output. I'll mention the file name that we are going to install. That is our Splunk enterprise package 66 to Enter. As it progresses, we'll see that the installation is almost done. Consider that even though we installed this package on a machine that was referred to us, Splunk is still unaware that it is certified.
We need to configure that; as of now, we can consider one instance of Splunk installed. Let us go to our next component. I'll copy the same command so that it will be easy for installation. I logged in as a privileged user. Now let me check whether I have the package. Yes, I have the package downloaded here. So the same command I copied and pasted worked without any issues. That's it. We have installed a Splunk instrument on the indexer. Now this is our order. I have logged in as a normal user. Let me switch to being a privileged user. Quickly verify whether we have the installation package. Paste our comment. Hit enter.
That is it. In a matter of minutes, we had installed three instances of Splunk. We have one more left. That is our Splunk Deployment or LicenseManager server; switch to the privilege user, verify the package, and paste the command, then press Enter. You can automate it by writing a small script like a Bash script and providing all the IP addresses where you want to install Splunk components. This should be the basics, so that one script should be able to execute everything. Now we have installed four instances of Splunk. Let us investigate. These are splunk-full instances. How to install the Splunk Universal Forward App.
9. Installation of Splunk Universal Forwarder
In our previous tutorial, we saw how to install Splunk on an indexer-heavy forwarder deployment server and searcher. For this tutorial, we will be using our local machine, which is my laptop, as a remote agent to the indexer in our cloud. This is the Splunk forwarder package, which is the latest six six two. The steps will be similar on any Windows platform.
Just check this box so that we are accepting licenses, and there is a customised option to change the default Splunk installation directory. We have also seen the default Splunk home when we are going through the directory structure of Splunk. This is your default Splunk home. If you are installing a full Splunk instance, it will be a C programme file called Splunk. For this tutorial, we'll be showing a demo of a Splunk Universal Forwarder installation, which is similar to a Splunk Enterprise.
So I'll keep this default setting as it is, and I'll be clicking next. The password it is asking for is for the SSL certificate. If we have an SSL certificate, like when we are hosting or sending it to the cloud, we can upload it here. Or if we are using the default Splunk-generated certificate, we can leave this blank. I'll be running using a local system account.
So what do we need to do? Let me enable everything so that we get most of the information to our Splunk instance. You can also specify a custom directory, such as Dor E direct E file systems, where you want to monitor in this path. Also, if you're installing an Active Directory service, make sure Active Directory monitoring is enabled. This is one of the important configurations. If you have a deployment server in your environment, you can mention the IP and host name during the installation.
We'll come to this part when we are configuring our deployment server and learn how to add this configuration as part of the installation, as part of using Splunk CLI, or by using configuration files. As of now, leave this blank. Continue. Similarly, now it is asking for indexers. Even the index or IP address will be coming to this part. when we are configuring how to set up an indexer. Then we will update this configuration in your universal forwarder, show three methods of splunk CLI editing configuration, and finish the installation. But still, those instances have not started up. We're going to configure them one by one and start those instances. So let this installation finish, and we should be able to proceed with the configuration of these installations.
10. Installation of Splunk Search Head
In our previous two lectures, we went through how to install Slunk on Linux, including the index order and deployment server, and how to install it on Windows. We looked out for the only universal forward that we have installed on a local laptop, which will be sending logs to our AV forwarder. Then the AV forwarder will pass the logs and send them to our indexer.
Now let's see some of the basic comments for the everyday operation of Splunk. Go to your Splunk installation directory, which is your Splunk home directory: c:programfiles Splunk universal forwarder go to Bin. There should be a Splunk exe stop command that allows you to terminate the instance. Similarly, the start or restart option should be able to bring up your service. Since our Splunk universal forwarder doesn't have web GUI content, there is only one port that has been used, which is 8089, and the rest of the ports are not being used.
The universal forwarder does only one job: offloading the data and forwarding it to others. Plank instance: now we know how to start, stop, or restart our Splunk instance in our windows. Let us see how to install our Splunk instance in a couple of Linux tutorials. Now, by default, Splunk is installed in the Splunk directory. From the prerequisites that we have gone through in earlier tutorials, we know that it's always recommended to run Splunk as a non-root user.
So for that purpose, I have created a user named Splunk. This user will be used to perform all Splunkactions such as starting, stopping, editing, and configuring Splunk; any related Splunktask will be performed under this user. Now I've changed my user to Splunk. Allow me to launch Splunk for the first time. You get a couple of screens, which I'll go through one by one. When I pressed the opt Splunk start button, the Pen licence agreement appeared, whereas in Windows, we had a checkbox to simply check the agreement. Here it displays if you want to read it; just hit "on" so that it will continue showing the entire license.
We have not bothered about the licence at this moment, so I'll just quit pressing Q and then hit Y to accept the license. Then enter. Now a Splunk search has been started successfully. Here are a couple of messages for you. Let's go over them one by one. Here is our licence acceptance. This was the last line before accepting the license.
So once we've accepted, it says this is the first time you're running Splunk on this machine. Yes, we just installed them and they are now operational. It is just copying some of the configuration from default to local. We'll go through them one by one, and it will generate certificates. Those are Splunk internal certificates for communication and exchange of data, and even HTTPS generates the certificates. Here is the certificate that it generated.
Prepaway's SPLK-1002: Splunk Core Certified Power User video training course for passing certification exams is the only solution which you need.
Pass Splunk SPLK-1002 Exam in First Attempt Guaranteed!
Get 100% Latest Exam Questions, Accurate & Verified Answers As Seen in the Actual Exam!
30 Days Free Updates, Instant Download!
SPLK-1002 Premium Bundle
- Premium File 188 Questions & Answers. Last update: Dec 05, 2024
- Training Course 187 Video Lectures
- Study Guide 879 Pages
Free SPLK-1002 Exam Questions & Splunk SPLK-1002 Dumps | ||
---|---|---|
Splunk.test4prep.splk-1002.v2024-09-23.by.orla.57q.ete |
Views: 256
Downloads: 308
|
Size: 458.16 KB
|
Splunk.certkiller.splk-1002.v2020-12-31.by.joao.39q.ete |
Views: 276
Downloads: 1520
|
Size: 359.92 KB
|
Splunk.pass4sures.splk-1002.v2020-08-20.by.bella.25q.ete |
Views: 593
Downloads: 1801
|
Size: 208.66 KB
|
Student Feedback
Can View Online Video Courses
Please fill out your email address below in order to view Online Courses.
Registration is Free and Easy, You Simply need to provide an email address.
- Trusted By 1.2M IT Certification Candidates Every Month
- Hundreds Hours of Videos
- Instant download After Registration
A confirmation link will be sent to this email address to verify your login.
Please Log In to view Online Course
Registration is free and easy - just provide your E-mail address.
Click Here to Register