Detailed Course Outline
Module 1 – Splunk Troubleshooting Methods and Tools
- Describe the Splunk Troubleshooting Approach
- List Splunk Diagnostic Resources and Tools
- Create and Splunk a Diag
- Use RapidDiag
Module 2 – Indexing Problems
- Discover Splunk Deployment Topology and its Server Roles
- Identify Where to Check the Index-Time Pipeline Status
- Use the metrics.log to Clarify the Index-Time Problem
Module 3 – Input Configuration Problems
- Data Input Issues
- Troubleshooting Inputs with the Monitoring Console
Module 4 – Input Configuration Problems
- Deployment Server Issues
- Forwarding and Receiving Issues
Module 4 – Indexer Cluster Management Administration
- Peer Offline and Decommission
- Master App Bundles
- Indexer Cluster Storage Utilization Options
- Site Mapping
- Monitoring Console for Indexer Cluster Environment
Module 5 – License, Upgrade, and User Management Problems
- Installation Issues
- Upgrade Considerations
- Splunk Licensing Issues
- Splunk Roles and User Management Issues
Module 6 – Search Head Management Problems
- Troubleshoot Distributed Search Issues
- Identify Job Scheduling Problems
- Learn to Diagnose Crashing Problems
- Describe How to Prioritize Resources for Critical Splunk Processes
Module 7 – KV Store Collection and Lookup Management
- Identify the Types of Search Problems
- Isolate and Troubleshoot Search Problems