Splunk Enterprise Cluster Administration (SCLA)

 

Course Overview

The course provides the fundamental knowledge of deploying and managing Splunk Enterprise in a clustered environment.

Please note that this class has 13.5 hours of content and may run over three days, with 4.5 hour sessions each day.

Who should attend

Splunk administrators.

Certifications

This course is part of the following Certifications:

Prerequisites

To be successful, students must have completed these Splunk Education course(s) or have equivalent working knowledge:

Additional courses and/or knowledge in these areas are also highly recommended:

Outline: Splunk Enterprise Cluster Administration (SCLA)

Module 1 – Overview of Large-scale Splunk Deployment

  • Identify factors that affect large-scale deployment design
  • Describe approaches to scaling Splunk Enterprise
  • Configure Splunk License Manager

Module 2 – Deploying Single-site Indexer Clusters

  • Identify indexer cluster states
  • Define replication factor and search factor
  • Implement a single-site indexer cluster

Module 3 – Deploying Multisite Indexer Clusters

  • Define site replication factor and site search factor
  • Define search affinity
  • Implement a multisite indexer cluster

Module 4 – Updating Indexer Cluster Peer Configurations

  • Distribute configurations and apps across peers

Module 5 - Managing and Monitoring Indexer Clusters

  • Enable replication for clustered indexes
  • Configure Monitoring Console for indexer cluster environment

Module 6 – Configuring Indexer Discovery on Forwarders

  • Configure indexer discovery
  • Configure indexer acknowledgment
  • Configure forwarder site failover

Module 7 – Deploying Search Head Cluster

  • Configure a search head cluster
  • Connect clustered and non-clustered indexers

Module 8 – Managing and Monitoring Search Head Clusters

  • Deploy configuration bundles to search head cluster members
  • Manage captaincy and member addition, removal and upgrades

Module 9 – Using KV Store in a Search Head Cluster

  • Enable KV Store collection replication in a search head cluster
  • Monitor KV Store status with Monitoring Console

Prices & Delivery methods

Online Training

Duration
3 days

Price
  • Online Training: CAD 1,905
  • Online Training: US $ 1,500
  • Splunk Training Units: 150 SPC
Dates and Booking
Request a date
Classroom Training

Duration
2 days

Price
  • Canada: CAD 1,905
  • Splunk Training Units: 150 SPC
Dates and Booking
Request a date

Click on town name or "Online Training" to book Schedule

This is an Instructor-Led Classroom course
This is a FLEX course, which is delivered both virtually and in the classroom.

Europe

Germany

 Düsseldorf This is a FLEX course. Enroll
Online Training Time zone: Central European Summer Time (CEST) Enroll
Berlin This is a FLEX course. Enroll
Online Training Time zone: Central European Summer Time (CEST) Enroll
Munich This is a FLEX course. Enroll
Online Training Time zone: Central European Summer Time (CEST) Enroll
Hamburg This is a FLEX course. Enroll
Online Training Time zone: Central European Time (CET) Enroll