Detailed Course Outline
Module 1 – Large-scale Splunk Deployment Overview
- Identify factors that affect large-scale deployment design
- Describe approaches to scaling Splunk Enterprise
- Configure Splunk License Manager
Module 2 – Single-site Indexer Cluster
- Identify indexer cluster states
- Define replication factor and search factor
- Implement a single-site indexer cluster
Module 3 – Multisite Indexer Cluster
- Define site replication factor and site search factor
- Define search affinity
- Implement a multisite indexer cluster
Module 4 – Indexer Cluster Management Administration
- Distribute configurations and apps across peers
- Enable replication for clustered indexes
- Configure Monitoring Console for indexer cluster environment
Module 5 – Forwarder Management
- Configure indexer discovery
- Configure indexer acknowledgment
- Configure forwarder site failover
Module 6 – Search Head Cluster
- Configure a search head cluster
- Connect clustered and non-clustered indexers
Module 7 – Search Head Cluster Management an Administration
- Deploy configuration bundles to search head cluster members
- Manage captaincy and member addition, removal and upgrades
Module 8 – KV Store Collection Management
- Enable KV Store collection replication in a search head cluster
- Monitor KV Store status with Monitoring Console
Module 9 – SmartStore Implementation
- Identify use cases for deploying SmartStore
- Implement SmartStore in indexer cluster