This two-day course focuses on Splunk Enterprise app development. It’s designed for advanced users, administrators, and developers who want to create apps for Splunk Enterprise and Splunk Cloud. Major topics include planning apps, building data generators, adding data, custom search commands and REST endpoints, using the KV Store, app vetting using AppInspect and app packaging.
-
This nine-hour course focuses on large enterprise deployments. Students will learn steps and best practices for planning, data collection and sizing for a distributed deployment. Workshop-style labs challenge students to make design decisions about an example enterprise deployment.
-
This 13.5 hour Administering Splunk Enterprise Security training course prepares architects and systems administrators to install and configure Splunk Enterprise Security (ES). It covers ES event processing and normalization, deployment requirements, technology add-ons, dashboard dependencies, data models, managing risk, and customizing threat intelligence.
-
This 13.5-hour course prepares security practitioners to use Splunk Enterprise Security (ES). Students identify and track incidents, analyze security risks, use predictive analytics, and discover threats.
-
This 3 virtual day course is designed for administrators who are responsible for getting data into Splunk Indexers. The course provides the fundamental knowledge of Splunk forwarders and methods to get remote data into Splunk indexers. It covers installation, configuration, management, monitoring, and troubleshooting of Splunk forwarders and Splunk Deployment Server components.
-
This 9-hour virtual course targeted towards DevOps, Observability and SRE teams is a follow-up to the course “Automation Using the REST and SignalFlow APIs”. Learn to use the Splunk IM Terraform provider to manage Splunk IM resources for visualization, alerting and teams. Create and manage detectors and muting rules. Learn to create and modify teams including team notification policies. All concepts are taught through discussions and hands-on lab exercises.
-
Splunk IM exposes a comprehensive API that allows you to automate any action that can be done using the User Interface. This 2-day virtual course provides the foundation for you to use the API to automate bulk actions such as the creation of charts, dashboards, and alerts. See how to programmatically perform computations that can be used in charts and detectors or streamed in real-time. Use the API to manage Splunk IMteams.
-
This 9-hour course is for developers who want to use the Splunk REST API to interact with Splunk servers. In this course, use curl and Python to send requests to Splunk REST endpoints and learn how to parse and use the results. Create a variety of objects in Splunk, learn how to change properties, work with and apply security to Splunk objects, run different types of searches and parse its results, ingest data using the HTTP Event Collector and manipulate collections and KV Stores.
-
This 9-hour virtual course highlights key differences between Splunk Enterprise deployed on-premises and Splunk Enterprise Cloud to allow Splunk Administrators to transition to Splunk Cloud.
This course provides the skills and knowledge for experienced on-prem administrators to migrate the collection and data ingest as well as manage their Splunk Cloud environment and maintain a productive Splunk SaaS deployment.
-
This course provides Splunk users in-depth information about metrics, ingesting and searching metrics data, and how to use the Metrics Workspace to analyze and create visualizations.
-
This 9 hour introductory course prepares IT and security practitioners to plan, design, create and debug basic playbooks for SOAR. Students will learn fundamentals of SOAR playbook capabilities, creation and testing. This course is a pre-requisite for the Advanced SOAR Implementation course.
-
This 2-virtual day course is designed for Splunk administrators. It covers topics and techniques for troubleshooting a standard Splunk distributed deployment using the tools available on Splunk Enterprise
This lab-oriented class is designed to help you gain troubleshooting experience before attending more advanced courses. You will debug a distributed Splunk Enterprise environment using the live system.
This course does not cover the issues surrounding Splunk Cloud, Splunk Clusters, or Splunk premium apps.
