Splunk

This three-hour course teaches students how to create dashboards in Dashboard Studio. Students will learn the basics of the dashboard source code, dashboard layout types, how to select a data source, and improve dashboard performance.

This three-hour course teaches students how to create interactive dashboards in Dashboard Studio. Students will learn how to add user inputs, drill downs, and create dynamically colored visualizations.

This three-hour course is for knowledge managers who want to learn how to create knowledge objects for their search environment using the Splunk web interface. Topics will cover types of knowledge objects, the search-time operation sequence, and the processes for creating event types, workflow actions, tags, aliases, search macros, and calculated fields.

This three-hour course is for knowledge managers who want to learn about field extraction and the Field Extractor (FX) utility. Topics will cover when certain fields are extracted and how to use the FX to create regex and delimited field extractions.

This three-hour course is for knowledge managers who want to use lookups to enrich their search environment. Topics will introduce lookup types and cover how to upload and define lookups, create automatic lookups, and use advanced lookup options. Additionally, students will learn how to verify lookup contents in search and review lookup best practices.

This three-hour course is for knowledge managers who want to learn how to create and accelerate data models. Topics will cover datasets, designing data models, using the Pivot editor, and accelerating data models.

This three-hour course is for power users who want to improve search performance. Topics will cover how search modes affect performance, how to create an efficient basic search, how to accelerate reports and data models, and how to use the tstats command to quickly query data.

This "Fast Start" course covers over 60 commands and functions and prepares students to be search experts. Students will learn how to effectively utilize time in searches, work with different time zones, use transforming commands and eval functions to calculate statistics, compare field values with eval functions and eval expressions, manipulate the output, normalize fields and field values, use lookups and sub searches to enrich results, and correlate and filter data from multiple sources.

This 9 hour course prepares IT and security practitioners to plan, design, create and debug playbooks for Phantom.

This 13.5 hour course is intended for experienced Phantom consultants who will be responsible for complex Phantom solution development, and will prepare the attendee to integrate Phantom with Splunk as well as develop playbooks requiring custom coding and REST API usage. Potential attendees have received a passing grade in all prerequisite courses, and should ensure they can devote all of their attention to the class, as the course work is very challenging. Students will develop a custom solution with Phantom, Splunk and custom Python code. The labs provide requirements for the solution; the student must plan and execute the development. This will require thoughtful focus, experimentation and problem-solving skills.

This 13.5 hour course is intended for experienced SOAR consultants who will be responsible for complex SOAR solution development, and will prepare the attendee to integrate SOAR with Splunk as well as develop playbooks requiring custom coding and REST API usage. Potential attendees have received a passing grade in all prerequisite courses, and must ensure they can devote all of their attention to the class, as the course work is very challenging. Students will develop a custom solution with SOAR, Splunk and custom Python code. The labs provide requirements for the solution; the student must plan and execute the development. This will require thoughtful focus, experimentation and problem-solving skills.

This 13.5 hour course is intended for experienced Phantom consultants who will be responsible for complex Phantom solution development, and will prepare the attendee to integrate Phantom with Splunk as well as develop playbooks requiring custom coding and REST API usage. Potential attendees have received a passing grade in all prerequisite courses, and should ensure they can devote all of their attention to the class, as the course work is very challenging. Students will develop a custom solution with Phantom, Splunk and custom Python code. The labs provide requirements for the solution; the student must plan and execute the development. This will require thoughtful focus, experimentation and problem-solving skills.

This 3.5 hour course prepares IT professionals to configure and manage SOAR.

This 9 hour introductory course prepares IT and security practitioners to plan, design, create and debug basic playbooks for SOAR. Students will learn fundamentals of SOAR playbook capabilities, creation and testing. This course is a pre-requisite for the Advanced SOAR Implementation course. 

This 3 hour course prepares security practitioners to use SOAR to respond to security incidents, investigate vulnerabilities, and take action to mitigate and prevent security problems.

This single subject course targeted to DevOps enables you to learn configuration techniques to send traces to Splunk APM. Through in-person discussions and hands-on activities, learn to deploy the Splunk OpenTelemetry Collector on a Linux host. Use the OpenTelemetry Collector to configure processor components to modify trace metadata. Use auto-instrumentation to send in traces without altering your code. Enable AlwaysOn profiling to monitor code performance. This course assumes familiarity with navigating Splunk APM which is covered in the course Using Splunk Application Performance Monitoring. This lab-oriented class is designed to help you learn the fundamentals of configuring your code to send in traces and trace metadata. All hands-on labs are in Python and Java.

This 1-day virtual course targeted to developers and DevOps enables you to instrument your applications to send traces to Splunk APM. Through in-person discussions and hands-on activities, learn to deploy the Splunk OpenTelemtry Connector on a Linux host. Use auto-instrumentation to send in traces without altering your code. Use manual instrumentation to create spans and add metadata to spans. This course assumes familiarity with navigating Splunk APM which is covered in the course Using Splunk Application Performance Monitoring. This lab-orientated class is designed to help you learn the fundamentals of instrumenting your code to send in traces. All hands-on labs are in Python and Java.

This course serves as the foundation for all other Splunk Infrastructure Monitoring courses. It is targeted towards DevOps/SRE/Observability teams, Senior On-call Engineers, Onboarding and Monitoring Strategists and Developers. This 1-virtual day course provides a fundamental understanding of Splunk Infrastructure Monitoring concepts such as the Splunk IM data model and different types of metadata. See how you can search for metrics, find more information about a metric, visualize and alert on metrics. Learn to use appropriate rollups, interpret chart data based on chart resolution, rollups and analytic functions. All concepts are taught using lectures and scenario-based hands-on activities.