- • Jul 6-10, 2026 · Live Remote Online
- • Sep 7-11, 2026 · Live Remote Online
Splunk Enterprise Administration Fast Start
Course Duration
5 Days
Audience
Employees of federal, state and local governments; and businesses working with the government.
Prerequisites
Basic understanding of Linux/Unix command line. Familiarity with networking concepts (TCP/IP, DNS, ports). No prior Splunk experience required, though familiarity with Splunk search is helpful.
Course Description
This 5-day Fast Start bundles Splunk Enterprise System Administration and Splunk Enterprise Data Administration into a single intensive course. Students gain the knowledge and hands-on skills to deploy, configure, and manage Splunk Enterprise on-premises -- covering installation, user/role management, forwarder configuration, data inputs, index management, and the deployment server. This course is the primary preparation path for the Splunk Enterprise Certified Admin certification.
Learning Objectives
- Install and configure Splunk Enterprise components in a distributed deployment
- Manage Splunk licenses, users, and role-based access control
- Configure Splunk forwarders and deployment server for centralized management
- Ingest data from files, network ports, scripts, and APIs
- Manage indexes, buckets, and data retention policies
- Monitor and maintain Splunk system health
- Configure Splunk for high availability and performance
- Implement data parsing, transformation, and normalization at index time
Course Outline
System Administration
- Splunk component overview
- Installing Splunk Enterprise
- Managing licenses
- Configuring users and roles
- Using the deployment server
- Monitoring Splunk health
- Configuring forwarders
Data Administration
- Data input types and configuration
- Configuring file and directory inputs
- Network inputs and scripted inputs
- Index-time data processing
- Managing indexes and data retention
- Configuring sourcetypes
- Using transforms and props
Frequently Asked Questions
What does the Administration Fast Start cover?
This 5-day course covers both System Administration and Data Administration -- the full on-premises Splunk admin track -- including installation, forwarder deployment, data inputs, index management, user/role configuration, and the deployment server.
Is this course appropriate for someone new to Splunk?
Yes. While basic Linux command line familiarity is recommended, no prior Splunk experience is required. The course starts with Splunk fundamentals before moving into administration topics.
What certification does this course prepare me for?
This course prepares you for the Splunk Enterprise Certified Admin certification exam.
Is this different from taking System Admin and Data Admin separately?
The Fast Start covers the same content as SP-SESA and SP-SEDA combined, bundled into one continuous 5-day enrollment. It is the most efficient path to the Splunk Enterprise Certified Admin certification.
Is this course available as live remote online training?
Yes. IT Dojo offers this course as live remote online instruction. On-site delivery is also available.
How do I register?
IT Dojo training is employer sponsored. Contact IT Dojo via the Request Training form or call 757-216-3656.