Edition: 1
Authors: Deep Mehta
ISBN: 1484266684, 9781484266687
Publisher: Apress
Year of publication: 2021
Number of pages: 439
Language: English
File format: PDF (converted to PDF, EPUB, or AZW3 on user request)
File size: 12 MB
If you need the file of Splunk Certified Study Guide: Prepare for the User, Power User, and Enterprise Admin Certifications converted to PDF, EPUB, AZW3, MOBI, or DJVU, you can notify support and they will convert the file.
Note that Splunk Certified Study Guide: Prepare for the User, Power User, and Enterprise Admin Certifications is the original-language edition and has not been translated into Persian. The International Library website provides original-language books and does not offer any books translated into or written in Persian.
Make your Splunk certification easier with this exam study guide that covers the User, Power User, and Enterprise Admin certifications. This book is divided into three parts. The first part focuses on the Splunk User and Power User certifications starting with how to install Splunk, Splunk Processing Language (SPL), field extraction, field aliases and macros, and Splunk tags. You will be able to make your own data model and prepare an advanced dashboard in Splunk.
In the second part, you will explore the Splunk Admin certification. There will be in-depth coverage of Splunk licenses and user role management, and how to configure Splunk forwarders, indexer clustering, and the security policy of Splunk. You’ll also explore advanced data input options in Splunk as well as .conf file merging logic, btool, various attributes, stanza types, editing advanced data inputs through the .conf file, and various other types of .conf file in Splunk.
The concluding part covers the advanced topics of the Splunk Admin certification. You will also learn to troubleshoot Splunk and to manage existing Splunk infrastructure. You will understand how to configure search heads, multi-site indexer clustering, and search peers, and explore how to troubleshoot Splunk Enterprise using the monitoring console and metrics.log. This part also covers search issues and configuration issues. You will learn to deploy an app through a deployment server on your client’s instance, create a server class, and carry out load balancing, SOCKS proxy, and indexer discovery.
By the end of the Splunk Certified Study Guide, you will have learned how to manage resources in Splunk and how to use REST API services for Splunk. This section also explains how to set up Splunk Enterprise on the AWS platform and some of the best practices to make them work efficiently together.
The book offers multiple choice question tests for each part that will help you better prepare for the exam.
What You Will Learn
Who This Book Is For
People looking to pass the User, Power User, and Enterprise Admin exams. It is also useful for Splunk administrators and support engineers for managing an existing deployment.
Table of Contents
About the Author
About the Technical Reviewer
Acknowledgments
Introduction
Part I: Splunk Architecture, Splunk SPL (Search Processing Language), and Splunk Knowledge Objects
Chapter 1: An Overview of Splunk Overview of the Splunk Admin Exam Structure Requirements Blueprint An Introduction to Splunk The History of Splunk The Benefits of Splunk The Splunk Architecture Installing Splunk Installing Splunk on macOS Installing Splunk on Windows Adding Data in Splunk Summary Multiple-Choice Questions Further Reading
Chapter 2: Splunk Search Processing Language The Pipe Operator Time Modifiers Understanding Basic SPL Search Language Syntax Boolean Operators in Splunk Syntax Coloring in SPL Sorting Results Sort Filtering Commands where dedup head tail Reporting Commands top rare history table stats Aggregate Functions Event Order Functions Multivalue stats and chart Functions Timechart Functions untable chart timechart Filtering, Modifying, and Adding Fields eval Comparison and Conditional Functions Conversion Functions Cryptographic Functions Date and Time Functions Informational Functions Mathematical Functions Multivalue eval Functions Statistical eval Functions Text Functions Trigonometric and Hyperbolic Functions Rex lookup Input Lookup Output Lookup Field Grouping Results Transaction Summary Multiple-Choice Questions References
Chapter 3: Macros, Field Extraction, and Field Aliases Field Extraction in Splunk Regular Expressions Regular Expression Using Field Extraction Inline Regular Expression Using Field Extraction Delimiters Delimiters Using Field Extraction Macros Create a Macro Using Splunk Web Create a Macro Using the .conf File Field Aliases in Splunk Setting up Field Aliases Splunk Search Query Summary Multiple Choice Test Questions References
Chapter 4: Tags, Lookups, and Correlating Events Splunk Lookups Looking up Table Files Lookup Definitions Automatic Lookups Splunk Tags Create Tags in Splunk Using Splunk Web Tag Event Types in Splunk Web Reporting in Splunk Creating Reports in Splunk Web Report Acceleration in Splunk Creating Report Acceleration Scheduling a Report in Splunk Alerts in Splunk Create Alerts in Splunk Using Splunk Web Cron Expressions for Alerts Summary Multiple-Choice Questions References
Chapter 5: Data Models, Pivot, and CIM Understanding Data Models and Pivot Datasets and Data Models Creating Data Models and Pivot in Splunk Creating New Datasets Predicting a Sales Pattern Event Actions in Splunk GET Workflow Actions Defining a GET Workflow Action Search Workflow Action Defining Search Workflow Action Common Information Model in Splunk Defining CIM in Splunk Summary Multiple-Choice Questions References
Chapter 6: Knowledge Managers and Dashboards in Splunk Understanding the Knowledge Manager’s Role in Splunk Globally Transferring Knowledge Objects Enabling Knowledge Object Visibility Restricting Read/Write Permissions on an App Orphaned Knowledge Objects Run a Monitoring Console Health Check Using the Reassign Knowledge Objects Page in Settings Reassigning a Knowledge Object to Another Owner Dashboards Static Real-Time Dashboards Creating a Report in Splunk to Get a Total Transaction Request on the Web Page Creating a Report in Splunk to Get a Total Transaction Request from Western USA Creating a Report in Splunk to Get a Total Transaction Request from Eastern USA Creating a Report in Splunk to Get a Successful Transaction Request on the Web Page Creating a Total Sales Report for Western US Cities Creating a Total Sales Report for Eastern US Cities Creating Report for an HTTP Status Code Creating a Report for an HTTP Method Creating Report to Get a Total Transaction Request for Different Categories Creating a Dashboard Adding a Report to a Dashboard Dynamic Form-based Dashboards Adding a Radio Button Using XML Adding a Time Modifier Using XML Adding a Drop-Down Menu Using XML Adding a Link List Using XML Using the User Interface for Input Summary Multiple-Choice Questions References
Chapter 7: Splunk User/Power User Exam Set Questions Summary
Part II: Splunk Data Administration and System Administration
Chapter 8: Splunk Licenses, Indexes, and Role Management Buckets How Does a Bucket Work? How Search Is Performed in Buckets Understanding journal.gz, .tsidx, and Bloom Filters How Do Search Functions Work? Splunk Licenses Changing a License Group in Splunk Managing Splunk Licenses License Masters and Slaves License Master License Slave Adding a License in Splunk License Pooling Creating a License Pool Managing Indexes in Splunk Creating an Index in Splunk Creating an Index Using Splunk Web Creating an Index Using a Splunk Configuration File Creating an Index Using Splunk CLI User Management Adding a Native User Defining Role Inheritance and Role Capabilities Summary Multiple-Choice Questions References
Chapter 9: Machine Data Using Splunk Forwarder and Clustering Splunk Universal Forwarder Configuring Splunk Indexer to Listen to Data for Universal Forwarder Configuring Windows Splunk Forwarder Splunk Universal Forwarder Using Windows Splunk Universal Forwarder Using .msi Configuring Linux Splunk Forwarder Splunk’s Light and Heavy Forwarders Splunk Heavyweight Forwarder Configuring Heavy Forwarder Configuring Heavy Forwarder to Index and Forwarding Data from a Universal Forwarder Splunk Light Forwarder Forwarder Management Configuring Forwarder Management Configuring the Forwarder Management Client Splunk Indexer Clusters Configuring Indexer Clusters Creating an Indexer Cluster Using Splunk Web Creating an Indexer Cluster Using a Splunk .conf File Creating an Indexer Cluster Using Splunk CLI Splunk Lightweight Directory Access Protocol (LDAP) Creating an LDAP Strategy Mapping LDAP Group to Splunk Roles Splunk Security Assertion Markup Language (SAML) Configuring Splunk SAML Map SAML to User Roles Summary Multiple-Choice Questions References
Chapter 10: Advanced Data Input in Splunk Compress the Data Feed Indexer Acknowledgment Securing the Feed Queue Size Monitor Input Monitor Files Monitor Directories Monitor Files and Directory Using Splunk Web Monitor File and Directory Using inputs.conf Scripted Input Scripted Input Using Splunk Web Scripted Input Using inputs.conf file Network Input Add Network Input Using Splunk Web and Deploy It to the Forwarder Modify Network Input Using .conf Files Configure TCP Network Input Using .conf File Configure Network UDP Input Using .conf File Pulling Data Using Agentless Input HTTP Input Using Splunk Web Configure HTTP Event Collector in Splunk Configure HTTP Input Using .conf File Configure HTTP Event Collector in Splunk Using .conf File Parse Data in Splunk Using HTTP Event Collector Summary Multiple-Choice Questions References
Chapter 11: Splunk’s Advanced .conf File and Diag Understanding Splunk .conf files props.conf indexes.conf transforms.conf inputs.conf outputs.conf deploymentclient.conf Setting Fine-Tuning Input Custom Source Types Using Splunk Web Custom Source Types Using props.conf Anonymizing the Data props.conf to Anonymize Data with a sed Script Syntax to Anonymize Data with a sed Script props.conf and transforms.conf to Anonymize Data with Regular Expressions Understanding Merging Logic in Splunk Configuration File Precedence Splunk Determine Precedence Order Splunk .conf Files Location Configuration Merging Logic Example 1: Configuration Merging (No Conflict) Example 2: Configuration Merging (Conflict) Example 3: Configuration Merging (Conflict) Debugging Configuration Files Example: Btool for Troubleshooting a Configuration File Creating a Diag Creating a Diag in Splunk Summary Multiple-Choice Questions Reference
Chapter 12: Splunk Admin Exam Set Questions Summary
Part III: Advanced Splunk
Chapter 13: Infrastructure Planning with Indexer and Search Head Clustering Capacity Planning for Splunk Enterprise Dimensions of a Splunk Enterprise Deployment Incoming Data Affects Splunk Enterprise Performance Indexed Data Affects Splunk Enterprise Performance Concurrent Users Affects Splunk Enterprise Performance Saved Searches on Splunk Enterprise Performance Disk Storage for Splunk Enterprise Configuring a Search Peer Configuring a Search Peer from Splunk Web Configure Splunk Search Peer from the .conf File Configure Search Peer from Splunk CLI Configure a Search Head Configuring a Search Head Using Splunk Web Configure Splunk Search Head Using .conf file Configuring a Search Head from Splunk CLI Search Head Clustering Search Head Cluster Captain The Role of Captains Captain Election Configure Search Head Cluster Using CLI in Splunk Configure Dynamic Search Captain Using Splunk CLI Configure Static Search Captain Using Splunk CLI Multisite Indexer Clustering Configure Multisite Indexer Clustering Using .conf Files Configure Splunk Multisite Indexer Clustering Using CLI Splunk Validated Architectures (SVAs) Designing Splunk Validated Architectures Small-Scale Enterprise Deployment Medium-Scale Enterprise Deployment Large-Scale Enterprise Deployment Multi-site (M3/M13) Multi-site (M4/M14) Splunk Architecture Practices Use Case: Company XYZ Splunk Data Inputs Splunk Index Calculation Splunk Total Disk Size Splunk User Planner Hardware and Splunk Scaling Considerations Disk Size Calculation Summary Multiple-Choice Questions References
Chapter 14: Troubleshooting in Splunk Monitoring Console Single Instance Deployment Monitoring Console Multi-Instance Deployment Monitoring Console Monitor System Health with Monitoring Console Configure Forwarder Monitoring for the Monitoring Console Log Files for Troubleshooting The metrics.log File Pipeline Messages Queue Messages Thruput Messages Tcpout Connection Messages udpin_connections Messages bucket_metrics Messages Job Inspector Job Inspector Example Query Troubleshooting License Violations Violation Due to an Improper Connection Between License Master and Slave Node Troubleshooting Deployment Issues Troubleshooting Splunk Forwarders Troubleshooting Splunk Indexers Troubleshooting Clustering Issues Multi-Search Affinity More Bucket Issues Summary Multiple-Choice Questions References
Chapter 15: Advanced Deployment in Splunk Deploying Apps Through the Deployment Server Create App Directories and View Apps in Forwarder Management Create App Directories View Apps in Forwarder Management Redeploy Apps to the Client Deploying an App Using Forwarder Management Deploy an App by Editing serverclass.conf Redeploy an App After You Change the Content Deploy Apps to New Client App Management Issues Deployment Server Is Irreversible Apps with Lookup Tables Creating a Server Group Using ServerClass.conf Configure a Server Class Using Forwarder Management Deploy Configuration File Through Cluster Master Managing Indexes on Indexer Using Master Node Deploy App on Search Head Clustering Configure the Deployer to Distribute Search Head Apps Load Balancing Configure Static Load Balancing in Splunk Forwarder Using outputs.conf Configure a Static Load Balancer by Time Configure Static Load Balancer by Volume Specify Load Balancing from Splunk CLI Indexer Discovery Configure Indexer Delivery Configure the Peer Nodes Configure Peer Node Using Splunk Web Configure the Peer Node Using inputs.conf Configure the Master Node Configure the Forwarders SOCKS Proxy Configure SOCKS Proxy Summary Multiple-Choice Questions References
Chapter 16: Advanced Splunk Managing Indexes Configure Event Indexes Configure Event Indexes Using a Splunk Configuration File Configure Event Indexes Using Splunk CLI Configure Metrics Indexes Configure Metric Indexes Using a Splunk Configuration File Remove Indexes and Index Data for Managing Indexes Configure Index Parallelization for Managing Indexes Configure Pipeline Sets for Index Parallelization Configure the Index Allocation Method for Index Parallelization Manage Index Storage Move the Index Database Configure Maximum Index Size for Indexer Storage Set Limit for Disk Usage in Splunk Configure Splunk to Set a Limit for Disk Usage Using Splunk CLI Configure Splunk to Set a Limit for Disk Usage Using a Splunk Configuration File Managing Index Cluster Configuring Peer Node to Offline Configure Splunk to Offline Mode Using Splunk CLI Configure Splunk to Maintenance Mode Using Splunk CLI Rolling Restart in Splunk Using Splunk CLI Specify the Percentage of Peer to Restart at a Time Using Splunk CLI Searchable Rolling Restart Using Splunk CLI Remove Excess Buckets Copies from the Indexer Cluster Remove a Peer from Master’s List Managing a Multisite Index Cluster Master Site in Multisite Index Cluster Fails Configure Standby Server Back up the Files That the Replacement Master Needs Ensure That the Peer and Search Head Nodes Can Find the New Master Restart Indexing in the Multisite Cluster After a Master Restart or Site Failure Move a Peer to a New Site REST API Endpoints Running Searches Using REST API Create a Search Job Manage Configurations File in Splunk Splunk SDK Python Software Development Kit for Splunk Program for Data Input in Splunk Using splunklib.client Program for Search in Splunk Using a Command Line Summary Multiple-Choice Questions References
Chapter 17: Final Practice Set Questions Summary
Chapter 18: Setting up a Splunk Environment with AWS Amazon Web Services Configuring an EC2 Instance Using the AWS Management Console Configuring Splunk on an EC2 Instance Configuring Splunk Enterprise Configuring Splunk Forwarder Deploying Multisite Index Clustering Configuring a Cluster Master Configuring a Slave Node Deploying a Search Head Configuring a Search Head Configuring Search Head Clustering Deploying Configurations Configuring a Cluster Master Deploying an App to Search Head Cluster Using Deployment Server Configuring a Universal Forwarder for Indexer Discovery Configuring a Cluster Master for Indexer Discovery Configuring a Universal Forwarder for Indexer Discovery Configuring a Universal Forwarder for Indexer Deployment Configuring a Deployment Server for Deployment Configuring a Forwarder for the Deployment Server Deploying the UF1 App Configuring the Master Node, Deployment Server, and Search Head 4 to Send Internal Logs Monitoring Distributed Environments Adding a Search Peer to Monitor General Setup for Distributed Environments Conclusion
Index