SPLK-1003 Splunk Enterprise Certified Admin
Course Description
This course teaches you how to search and navigate in Splunk, use fields,
get statistics from your data, create reports, dashboards, lookups, and alerts.
Scenario-based examples and hands-on challenges will enable you to create robust
searches, reports, and charts. It will also introduce you to Splunk’s datasets
features and Pivot interface.
Course Topics
Introduction to Splunk’s interface
Basic searching
Using fields in searches
Search fundamentals
Transforming commands
Creating reports and dashboards
Datasets
The Common Information Model (CIM)
Creating and using lookups
Scheduled Reports
Alerts
Using Pivot
Course Objectives
Module 1 – Introduction
Overview of Buttercup Games Inc.
Module 2 – What is Splunk?
Splunk components
Installing Splunk
Getting data into Splunk
Module 3 – Introduction to Splunk’s User Interface
Understand the uses of Splunk
Define Splunk Apps
Customizing your user settings
Learn basic navigation in Splunk
Module 4 – Basic Searching
Run basic searches
Use autocomplete to help build a search
Set the time range of a search
Identify the contents of search results
Refine searches
Use the timeline
Work with events
Control a search job
Save search results
Module 5 – Using Fields in Searches
Understand fields
Use fields in searches
Use the fields sidebar
Module 6 – Search Language Fundamentals
Review basic search commands and general search practices
Examine the search pipeline
Specify indexes in searches
Use autocomplete and syntax highlighting
Use SPL search commands to perform searches:
Module 7 – Using Basic Transforming Commands
The top command
The rare command
The stats command
Module 8 – Creating Reports and Dashboards
Save a search as a report
Edit reports
Create reports that include visualizations such as charts and tables
Create a dashboard
Add a report to a dashboard
Edit a dashboard
Module 9 – Datasets and the Common Information Model
Naming conventions
What are datasets?
What is the Common Information Model (CIM)?
Module 10 – Creating and Using Lookups
Describe lookups
Create a lookup file and create a lookup definition
Configure an automatic lookup
Module 11 – Creating Scheduled Reports and Alerts
Describe scheduled reports
Configure scheduled reports
Describe alerts
Create alerts
View fired alerts
Module 12 – Using Pivot
Describe Pivot
Understand the relationship between data models and pivot
Select a data model object
Create a pivot report
Create an instant pivot from a search
Add a pivot report to a dashboard
Question: 1
Which setting in indexes.conf allows data retention to be controlled by time?
A. maxDaysToKeep
B. moveToFrozenAfter
C. maxDataRetentionTime
D. frozenTimePeriodInSecs
Answer: B
Question: 2
The universal forwarder has which capabilities when sending data? (select
all that apply)
A. Sending alerts
B. Compressing data
C. Obfuscating/hiding data
D. Indexer acknowledgement
Answer: D
Question: 3
In case of a conflict between a whitelist and a blacklist input setting,
which one is used?
A. Blacklist
B. Whitelist
C. They cancel each other out.
D. Whichever is entered into the configuration first.
Answer: B
Question: 4
In which Splunk configuration is the SEDCMD used?
A. props.conf
B. inputs.conf
C. indexes.conf
D. transforms.conf
Answer: A