The Splunk Core Certified Advanced Power User course is designed to take your Power User skills to the next level. It focuses on complex searching and reporting, advanced use cases of knowledge objects, and best practices for dashboards and forms.
The data platform that helps turn data into action for Observability, IT, Security and more.
Splunk’s extensible data platform powers unified security, full-stack observability and limitless custom applications.
The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.
Founded in 2003, Splunk is a global company — with over 7,500 employees, 850 patents and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process.
Recommended Splunk blogs:
- The Value of Data: The ROI of Splunk Training for Organizations
- Why Splunk Certification is a Game-Changer for Your Career in 2025
- Splunk for IT Professionals: Key Skills to Stay Ahead in 2025
Build a strong data foundation with Splunk training and certification today offered by Trainocate Malaysia.
-
This blended course is for Devops/SREs and Developers.
The course describes ways to enhance dashboards and alerts to help with troubleshooting. You will also be able to
find insights using analytics in charts and detectors and to create detectors for common use cases. -
This 1-virtual day course is designed for the experienced Splunk system administrators. This hands-on class is designed to provide the essential knowledge for deploying and managing Splunk SmartStore.
It covers SmartStore deployment options, cache manager configurations, monitoring, and troubleshooting of SmartStore implementation.
-
This 9-hour virtual course highlights key differences between Splunk Enterprise deployed on-premises and Splunk Enterprise Cloud to allow Splunk Administrators to transition to Splunk Cloud.
This course provides the skills and knowledge for experienced on-prem administrators to migrate the collection and data ingest as well as manage their Splunk Cloud environment and maintain a productive Splunk SaaS deployment.
-
This 9-hour course is for developers who want to use the Splunk REST API to interact with Splunk servers. In this course, use curl and Python to send requests to Splunk REST endpoints and learn how to parse and use the results. Create a variety of objects in Splunk, learn how to change properties, work with and apply security to Splunk objects, run different types of searches and parse its results, ingest data using the HTTP Event Collector and manipulate collections and KV Stores.
-
This 4-day course is designed for the experienced Splunk administrators who are new to Splunk DSP. This hands-on class provides the fundamentals of deploying a Splunk DSP cluster and designing pipelines for core use cases. It covers installation, source and sink configurations, pipeline design and backup, and monitoring a DSP environment.
-
This 13.5-hour course is for users who want to attain operational intelligence level 4, (business insights) and covers implementing analytics and data science projects using Splunk’s statistics, machine learning, built-in and custom visualization capabilities.
-
This 3 hours course prepares IT professionals to configure and manage SOAR.
-
This virtual course targeted to SREs and DevOps enables you to monitor and troubleshoot your Kubernetes clusters with Splunk Observability Cloud. Through discussions and hands-on activities, learn to explore and use the Kubernetes Navigator, built-in dashboards, and AutoDetect to monitor the health of your cluster. Create custom dashboards and detectors to monitor and troubleshoot common Kubernetes trouble conditions. This course assumes basic knowledge of Kubernetes and familiarity with navigating Splunk IM.
This lab-oriented class is designed to help you learn best practices and tips to use Splunk Observability Cloud to monitor and troubleshoot Kubernetes clusters. All hands-on labs are performed in the Observability Cloud UI.
-
This single subject course targeted to developers enables you to manually instrument your applications to send traces to Splunk APM. Through in-person discussions and hands-on activities, learn to manually instrument applications to create spans and add metadata to spans. This course assumes familiarity with navigating Splunk APM which is covered in the course Using Splunk Application Performance Monitoring.
This lab-oriented class is designed to help you learn the fundamentals of instrumenting your code to send in traces and trace metadata. All hands-on labs are in Python and Java.
-
This course is targeted towards Splunk On-call admins responsible for setting up incident response with Splunk On-Call. This 4.5-hour virtual course describes the tasks required to set up on-call teams, including defining schedules, on-call rotations and shifts. Learn to set-up and configure alerts and integrations. Create post incident review reports, track response metrics and customize reports. Use advanced features such as the Rules engine for advanced customization and configure webhook integrations. All concepts are taught using lectures and scenario-based hands-on activities.
-
This single subject course targeted to DevOps enables you to learn configuration techniques to send traces to Splunk APM. Through inperson discussions and hands-on activities, learn to deploy the Splunk OpenTelemetry Collector on a Linux host. Use the OpenTelemetry Collector to configure processor components to modify trace metadata. Use auto-instrumentation to send in traces without altering your code. Enable AlwaysOn profiling to monitor code performance. This course assumes familiarity with navigating Splunk APM which is covered in the course Using Splunk Application Performance Monitoring.
-
This 4.5-hour virtual course, targeted towards developers and DevOps, focuses on creating custom metrics to monitor your applications/services with Splunk IM. Learn to instrument applications/services to send in custom metrics that characterize the application of service. Define relevant metadata for your metrics to let you find, filter and aggregate the metrics that you want to chart or alert on. Create charts and custom dashboards to visualize these custom metrics. Create detectors to monitor the metrics to alert when there are any issues with the application or service. This course assumes that you have completed the Splunk Infrastructure Monitoring Fundamentals course. Learn the concepts and apply the knowledge through discussions and hands-on activities.
-
This 9-hour virtual course targeted towards DevOps, Observability and SRE teams is a follow-up to the course “Automation Using the REST and SignalFlow APIs”. Learn to use the Splunk IM Terraform provider to manage Splunk IM resources for visualization, alerting and teams. Create and manage detectors and muting rules. Learn to create and modify teams including team notification policies. All concepts are taught through discussions and hands-on lab exercises.
-
Splunk IM exposes a comprehensive API that allows you to automate any action that can be done using the User Interface. This 2-day virtual course provides the foundation for you to use the API to automate bulk actions such as the creation of charts, dashboards, and alerts. See how to programmatically perform computations that can be used in charts and detectors or streamed in real-time. Use the API to manage Splunk IMteams.
-
This course is designed for developers responsible for debugging their own applications, and for SREs responsible for troubleshooting performance issues. Splunk Log Observer is built primarily for DevOps teams working on applications built on modern tech stacks (containerized microservices). However, the course can be taken by anyone who wants to view recent log data in a no-code environment.
This 4.5-hour course describes how to use the tool to work with log data using the no-code user interface. Learn to create, save, and share search filters, and to investigate the shape of your log data. Learn to add log messages to dashboards. Analyze logs with aggregation functions and group by rules. Create rules to manipulate incoming data and generate synthetic metrics from log data.
All concepts are taught using lectures and scenario-based hands-on activities.
-
This course serves as the foundation for all other Splunk Observability courses. It is targeted towards DevOps/SRE/Observability teams, Senior On-call Engineers, Onboarding and Monitoring Strategists and Developers. This 6-hr course provides a fundamental understanding of Metrics Monitoring in Splunk Observability such as the metrics data model and different types of metadata. See how you can interact with data using built-in content, search for metrics, find more information about a metric, visualize and alert on metrics. Learn to use appropriate rollups, interpret chart data based on chart resolution, rollups, and analytic functions. All concepts are taught using lectures and scenario-based hands-on activities.
-
This 13.5 hour course prepares architects and systems administrators to install and configure Splunk Enterprise Security (ES). It covers ES event processing and normalization, deployment requirements, technology add-ons, dashboard dependencies, data models, managing risk, and customizing threat intelligence.
-
This 13.5-hour course prepares security practitioners to use Splunk Enterprise Security (ES). Students identify and track incidents, analyze security risks, use predictive analytics, and discover threats.
-
This 18-hour course is designed for administrators who are responsible for getting data into Splunk Indexers. The course provides the fundamental knowledge of Splunk forwarders and methods to get remote data into Splunk indexers. It covers installation, configuration, management, monitoring, and troubleshooting of Splunk forwarders and Splunk Deployment Server components.
-
This 12-hour course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides the fundamental knowledge of Splunk license manager, indexers and search heads. It covers configuration, management, and monitoring core Splunk Enterprise components.
-
This Power User “Fast Start” course covers over 60 commands, functions, and knowledge objects to provide users with actionable information about searching best practices and knowledge management. Students will learn how to effectively utilize time in searches, work with different time zones, use transforming commands and eval functions to calculate statistics, compare field values with eval functions and eval expressions, manipulate output, normalize fields and field values, correlate and filter data from multiple sources, and create, manage, and share knowledge objects.
-
This three-hour SPLK-SO: Search Optimization course is for power users who want to improve search performance. Topics will cover how search modes affect performance, how to create an efficient basic search, how to accelerate reports and data models, and how to use the tstats command to quickly query data.
-
This three-hour course is designed for power users who want to create maps in Splunk. It focuses on the data and components required to create cluster and choropleth maps. It also shows how to format, customize and make maps interactive.
-
This eLearning course teaches students about how different types of knowledge objects to extract additional insights from their data. Students will learn the basics of how to create knowledge objects, define their settings, edit, and manage existing knowledge objects.
-
This eLearning course gives students additional insight into how Splunk processes searches. Students will learn about Splunk architecture, how components of a search are broken down and distributed across the pipeline, and how to troubleshoot searches when results are not returning as expected.
-
This eLearning course teaches students how to create visualizations in Splunk, using Splunk’s Search Processing Language as well as the Splunk Web interface. Students will learn commands that allow data to be displayed on charts and graphs, transform geographic data into maps, create single value visualizations, and use Splunk’s visual formatting options to change the look of statistical tables.
-
This eLearning course teaches students how to use scheduled reports and alerts to automate processes in their organization. Students will create, manage, and schedule reports and alerts, and use alert actions to further respond to incidents as they occur.
-
This 18 hour Implementing Splunk IT Service Intelligence course is designed for administrator users who will implement Splunk IT Service Intelligence for analysts to use. The first day includes the day of content from Using Splunk IT Service Intelligence.
-
This one-day course is designed for analyst users who want to use Splunk IT Service Intelligence to manage, analyze, and optimize their IT services. Those who will implement Splunk IT Service Intelligence, please enroll in Implementing Splunk IT Service Intelligence instead
-
This 1-day virtual course targeted to developers and DevOps enables you to instrument your applications to send traces to Splunk APM. Through in-person discussions and hands-on activities, learn to deploy the Splunk OpenTelemtry Connector on a Linux host. Use auto-instrumentation to send in traces without altering your code. Use manual instrumentation to create spans and add metadata to spans. This course assumes familiarity with navigating Splunk APM which is covered in the course Using Splunk Application Performance Monitoring.
This lab-orientated class is designed to help you learn the fundamentals of instrumenting your code to send in traces. All hands-on labs are in Python and Java. -
This 1-virtual day course targeted to developers and DevOps enables you to use Splunk APM to analyze traces, troubleshoot and monitor your microservices-based applications. Through in-person discussions and hands-on activities, deep dive into uses of distributed tracing, navigating the Splunk APM app to analyze traces, visualize and alert on APM metrics.
All concepts and taught through discussions and hands-on activities. -
This course provides Splunk users in-depth information about metrics, ingesting and searching metrics data, and how to use the Metrics Workspace to analyze and create visualizations.
-
This 13.5 hour Administering Splunk Enterprise Security training course prepares architects and systems administrators to install and configure Splunk Enterprise Security (ES). It covers ES event processing and normalization, deployment requirements, technology add-ons, dashboard dependencies, data models, managing risk, and customizing threat intelligence.
-
This 13.5 hour Advanced SOAR Implementation course is intended for experienced SOAR consultants who will be responsible for complex SOAR solution development, and will prepare the attendee to integrate SOAR with Splunk as well as develop playbooks requiring custom coding and REST API usage.
Potential attendees have received a passing grade in all prerequisite courses, and must ensure they can devote all of their attention to the class, as the course work is very challenging. Students will develop a custom solution with SOAR, Splunk and custom Python code. The labs provide requirements for the solution; the student must plan and execute the development. This will require thoughtful focus, experimentation and problem-solving skills.
-
This 13.5-hour course prepares security practitioners to use Splunk Enterprise Security (ES). Students identify and track incidents, analyze security risks, use predictive analytics, and discover threats.
