Training + Certification Discussions
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How My Team Learned Splunk Quickly?

tomnguyen1
Explorer
‎10-27-2024 02:17 AM

Hello everyone, I am a programmer at Terus. After being promoted, I am managing a small group of programmers. Terus will soon receive an order from a domestic enterprise and my boss wants to assign it to me and my new team. The order's requirements are quite simple but require the use of some features from Splunk. I already have basic knowledge when using Splunk, but after surveying, the young people (5 people) in my group do not know anything about Splunk. Currently, I will have 2 months to train them to prepare for the project. But I tried to teach them in the first week but it seems not very feasible. When searching on the document, I accidentally found the community and a few people are admins and engineers of Splunk. Today, I want to ask everyone about the best way to learn for new people so that in the next month they can be confident to do the project.

Note: These members are quite smart and agile but it seems that my communication is not very good so I need help from everyone. Hope to receive everyone's sharing.

Labels (2)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

gcusello
SplunkTrust
SplunkTrust
‎10-27-2024 02:25 AM

Hi @tomnguyen1 ,

you should choose a learning path for you and your persons: at least one admin and Power Users and Developer for all.

Then after few months also Architect.

For more infos see at https://www.splunk.com/en_us/training/learning-paths.html?locale=en_us

I know that training is expensive but, if you're a Splunk Parner, you have the 50% of discount.

Ciao.

Giuseppe

View solution in original post

Reply
Solved! Jump to solution

PickleRick
SplunkTrust
SplunkTrust
‎10-27-2024 11:41 AM

Well, it depends greatly on what you will be doing with Splunk. There is a different set of skills needed if you are using Splunk directly as a (power) user - running ad-hoc searches, creating alerts or reports. A bigger set of skills is needed to write big interactive dashboards. Another set of skills is needed to deploy and maintain Splunk environments. And yet another is writing apps that interface with Splunk or extend Splunk as custom commands or modular inputs. So there is - as usual - no single "one size fits all" response.

You will most probably need the knowledge on User/Power User level whatever you do to be able to understand what Splunk is about and what you are doing even if you're dealing with another aspect of Splunk.

And you can't really skip the experience part. In order to do stuff efficiently and properly with Splunk (as with any other tool) you have to get experience and work out an intuition based on that experience.

0 Karma
Reply
Solved! Jump to solution

ITWhisperer
SplunkTrust
SplunkTrust
‎10-27-2024 02:42 AM

This seems a little backwards - why are you required to use "some of the features from Splunk"? I find it easier to learn something (like Splunk) by working from the requirement and if Splunk fits into the solution, then that's fine, but if it doesn't, then look for something else.

My first requirement was to collect usage data and provide a table of daily usage statistics for a product launch. This is quite a simple requirement and allowed me to build a simple dashboard and report, which I could then extend to cover different statistics and ways of representing the information gleaned from the data.

My advice would be to start small, and grow. Don't be too precious about getting it right and complete first time. Build a MVP, present it to your users and ask for feedback.

If you are in charge of developing a solution the produces logs for Splunk to ingest, find a suitable but simple format and try to use it consistently, so that field extraction becomes easy to extend and your requirements change (as they inevitably will).

You could also look at the Splunk tutorial and its dataset if your team needs something to play with ahead of you getting actual test data.

P.S. You may struggle to get further opinions since you have already (in less than half an hour) marked the question as solved!

Reply
Solved! Jump to solution

tomnguyen1
Explorer
‎10-27-2024 03:00 AM

Thanks for your contribution. I'm not very good at English so I have to use Google Translate. It seems my sentence is a bit confusing so Google Translate got my meaning wrong. Anyway, thank you again!

0 Karma
Reply
Solved! Jump to solution

tomnguyen1
Explorer
‎10-27-2024 02:28 AM

I can suggest Terus on this, thank you for giving such a great opinion

0 Karma
Reply
Solved! Jump to solution
Solution

gcusello
SplunkTrust
SplunkTrust
‎10-27-2024 02:25 AM

Hi @tomnguyen1 ,

you should choose a learning path for you and your persons: at least one admin and Power Users and Developer for all.

Then after few months also Architect.

For more infos see at https://www.splunk.com/en_us/training/learning-paths.html?locale=en_us

I know that training is expensive but, if you're a Splunk Parner, you have the 50% of discount.

Ciao.

Giuseppe

Reply
Get Updates on the Splunk Community!

Detecting Brute Force Account Takeover Fraud with Splunk

This article is the second in a three-part series exploring advanced fraud detection techniques using Splunk. ...

Buttercup Games: Further Dashboarding Techniques (Part 9)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Buttercup Games: Further Dashboarding Techniques (Part 8)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...
li.common.scroll-to.top