TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
Some interesting talks about using TSTATS and the internal Splunk logs, have a Splunk Trainer share his journey with Splunk and how he's managed to achieve every possible Splunk certification (over 10!), and a short discussion about emerging thoughts of using development/release frameworks with Splunk deployments.
28. Accreditations…so far!
Splunk Accredited Sales Rep I
Splunk Accredited Sales Rep II
Splunk Accredited IT & App Sales Rep
Splunk Accredited Sales Engineer I
Splunk Accredited Implementation Fundamentals
Splunk Accredited Core Implementation
Splunk Accredited ES Implementation
29. Origin Story
Every Splunk hero has one!
Spanned 2 Continents
Varsity Baby!
Boom…Injury
Return to roots.
Man up & save the world one event at a time!
34. Put that in your | and Splunk it!
Started with ECS in June 2016
Consultant II by November 2016
ITSI Specialist since 2017
Enterprise Security Implementation gained in 2018
Splunk Trainer since January 2018
35. The Padawan to Master
2 x Interviews with Heads of Splunk Training (US)
Competence and Personality tested
1 x Train the Trainer session
Show the logistic tooling & processes
Present a module to the Trainer
36. A Day in the Life…
Access to the training center to confirm numbers and attendees.
All pre-class actions are automated:
Links to user watermarked documents sent to individuals & full list to trainer 2
days before the course.
Lab credentials created and sent to instructor.
WebEx session automatically configured ready to be joined.
Question etiquette
Best to save questions, unless pertinent to continuing, until at least after the 2nd
lab. Generally a lot of time is spent before and after first lab answering access
issues.
Where possible ask the question to all participants as it will help in the learning
and is not as easy for the trainer to miss.
37. Labs should be done in order as some activities rely on previous labs
being completed.
However don’t rush! The labs do not need to be completed in the allotted
time, only before the entire course finishes.
If in an office location, ensure that access over HTTPS and SSH is
available out of the network.
If not then this can be worked around, but will take some time for the
instructor to implement.
Test your access before the class (if possible)
38. Enablement
This position allows me to:
Offer more internal training along side the standard path.
Provide Splunk training to ECS clients.
Keep in touch with any changes coming in.
39. Tips
Don’t eat yellow snow
Install, Install, Install
Until it is muscle memory
Where possible script
Helps develop logic and defensive coding practices.
Always Best Practice in Labs & Exams!
Implementing Best Practice even if not specifically asked can gain
additional points/kudos.