I am about to take my Splunk Architect lab exam in very near future. I came to know that servers will be provided during lab exam and those servers will be blank. Is that true? Will the servers contain Splunk Enterprise and Universal forwarder binary files?
If no binary files are present in the server, then what is the way of downloading binary files in the Linux/Unix servers?
Yes you're right servers will be blank.....Depends on requirement you need to install the Splunk enterprise/Universal forwarder on each instance.
Step 1: Create a account in Splunk
Step 2: Download splunk enterprise/Universal forwarder (https://www.splunk.com/en_us/download/splunk-enterprise.html#tabs/linux)
Step 3: After down load you'll see'Use the command line download option(Copy the entire command and run the same command on linux instances).
Step 4: After running the wget command you'll see splunk installation file then perform unzip and start installtion.
Here is the sample wget command to download Splunk ....
wget -O splunk-6.5.1------------linux-2.6-x86_64.rpm 'https://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=x86_64&platform=linux&version=6.5.1&product=splunk&filename=splunk-6.5.1--------linux-2.6-x86_64.rpm&wget=true'
Yes you're right servers will be blank.....Depends on requirement you need to install the Splunk enterprise/Universal forwarder on each instance.
Step 1: Create a account in Splunk
Step 2: Download splunk enterprise/Universal forwarder (https://www.splunk.com/en_us/download/splunk-enterprise.html#tabs/linux)
Step 3: After down load you'll see'Use the command line download option(Copy the entire command and run the same command on linux instances).
Step 4: After running the wget command you'll see splunk installation file then perform unzip and start installtion.
Here is the sample wget command to download Splunk ....
wget -O splunk-6.5.1------------linux-2.6-x86_64.rpm 'https://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=x86_64&platform=linux&version=6.5.1&product=splunk&filename=splunk-6.5.1--------linux-2.6-x86_64.rpm&wget=true'
The architect certification doesn't require cluster administration course. It's better to contact Splunk educational support team for this.....
Practical Exam includes the following objectives:
Installation and Infrastructure
- Install a search head, deployment server and indexers
- Perform a scripted installation of universal forwarders
Configuration, Collection, and Comprehension
- Deploy all specified configurations via deployment server
- Gather data from forwarders and send to multiple indexes depending on use case
- Configure and confirm index-time knowledge
- Create search time field extractions
Searching and Reporting
- Create searches and dashboards for each required use case
Is the cluster administration course required for architect certification lab.? Will we use clustered deployments or non-clustered during the exam..?