-
Course
- Core Tech
Splunk Enterprise Administration: Configuring Distributed Search
You will gain an understanding of how Splunk executes a search and how Splunk distributes a search across a set of indexers.
What you'll learn
Learning to configure a distributed search doesn't need to be difficult. In this course, Splunk Enterprise Administration: Configuring Distributed Search, you'll gain the ability to configure Splunk platform correctly for efficient searching. First, you'll explore the anatomy of a search. Next, you'll discover how Splunk separates search management and presentation layers from indexing and search retrieval layers. Finally, you'll learn what knowledge bundles are and how Splunk manages knowledge bundles. When you are finished with this course, you'll have the skills and knowledge of how to configure distributed search groups needed to scale options available for distributed search.
About the author
Passionate about IT Ops, Karun has 20+ years of hands on experience with Linux, Cloud tech, Monitoring and Log aggregation. He enjoys creating learning materials that are engaging and provide immediate practical value.
More Courses by Karun