SPLUNK Enterprise Certified Architect Practice Exam
The Splunk Enterprise Certified Architect exam demonstrates your understanding of best practices and your capability to deploy, administer, and resolve issues in intricate Splunk Enterprise setups. This exam enables you to develop a good understanding of Splunk Deployment Methodology and best practices for strategizing, gathering data, and determining the appropriate size for a distributed deployment. You will also learn how to manage and address issues in typical deployments involving indexer and search head clustering.
Exam Prerequisite:
Candidates must hold the following certifications before taking the exam:
- Splunk Core Certified Power User
- Splunk Enterprise Certified Admin
Who should take this exam?
Splunk Architects are in high demand in the job market due to their exceptional and rare expertise in the Splunk Enterprise platform. This exam is perfectly fit for:
- Aspiring Splunk experts
- Experienced platform architects
- Future consultants
Exam Details
- Exam Name: Splunk Enterprise Certified Architect
- Exam Languages: English
- Exam Questions: 85 Questions
- Time Duration: 90 minutes
- Exam Level: Expert
Splunk Enterprise Certified Architect Exam Course Outline
The Exam covers the given topics -
Topic 1: Overview 2%
1.1 Describing a deployment plan
1.2 Defining the deployment process
Topic 2: Project Requirements 5%
2.1 Identifying critical information about environment, volume, users, and requirements
2.2 Applying checklists and resources to aid in collecting requirements
Topic 3: Infrastructure Planning: Index Design 5%
3.1 Understanding design and size indexes
3.2 Estimating non-smart store related storage requirements
3.3 Identifying relevant apps
Topic 4: Infrastructure Planning: Resource Planning 7%
4.1 Listing sizing considerations
4.2 Identifying disk storage requirements
4.3 Defining hardware requirements for various Splunk components
4.4 Describing ES considerations for sizing and topology
4.5 Describing ITSI considerations for sizing and topology
4.6 Describing security, privacy, and integrity measures
Topic 5: Basics of Clustering 5%
5.1 Identifying non-smart store related storage and disk usage requirements
5.2 Identifying search head clustering requirements
Topic 6: Understand Forwarder and Deployment Best Practices 6%
6.1 Identifying best practices for forwarder tier design
6.2 Understanding configuration management for all Splunk components, using Splunk deployment tools
Topic 7: Understanding Performance Monitoring and Tuning 5%
7.1 Using limits.conf to improve performance
7.2 Using indexes.conf to manage bucket size
7.3 Tuning props.conf
7.4 Improving search performance
Topic 8:Learn about Splunk Troubleshooting Methods and Tools 5%
8.1 Splunk diagnostic resources and tools
Topic 9: Clarifying the Problem 5%
9.1 Identify Splunk’s internal log files
9.2 Identify Splunk’s internal indexes
Topic 10: Understand Licensing and Crash Problems 5%
10.1 License issues
10.2 Crash issues
Topic 11: Explore Configuration Problems 5%
11.1 Input issues
Topic 12: Search Problems 5%
12.1 Search issues
12.2 Job inspector
Topic 13: Understand Deployment Problems 5%
13.1 Forwarding issues
13.2 Deployment server issues
Topic 14: Large-scale Splunk Deployment Overview 5%
14.1 Identifying Splunk server roles in clusters
14.2 License Master configuration in a clustered environment
Topic 15: Single-site Indexer Cluster 5%
15.1 Splunk single-site indexer cluster configuration
Topic 16: Learn about Multisite Indexer Cluster 5%
16.1 Splunk multisite indexer cluster overview
16.2 Multisite indexer cluster configuration
16.3 Cluster migration and upgrade considerations
Topic 17: Indexer Cluster Management and Administration 7%
17.1 Indexer cluster storage utilization options
17.2 Peer offline and decommission
17.3 Master app bundles
17.4 Monitoring Console for indexer cluster environment
Topic 18: Search Head Cluster 5%
18.1 Splunk search head cluster overview
18.2 Search head cluster configuration
Topic 19: Understand Search Head Cluster Management and Administration 5%
19.1 Search head cluster deployer
19.2 Captaincy transfer
19.3 Search head member addition and decommissioning
Topic 20: KV Store Collection and Lookup Management 3%
20.1 KV Store collection in Splunk clusters