Splunk University

Splunk University is a pre-conference educational training program where additional fees apply. Attend Splunk University to gain new insights and experience the full range of product features in a live, hands-on setting. Don’t forget, you can get certified on site for FREE! Sign up for one-, two- and three-day sessions.

Education Class Dates

  • Saturday, September 23, 2017
    9 AM - 6 PM
  • Sunday, September 24, 2017
    9 AM - 6 PM
  • Monday, September 25, 2017
    9 AM - 6 PM

The Cost to Attend Is

  • $800 for 1 day of sessions

  • $1200 for 2 days of sessions

  • $1500 for 3 days of sessions

Education Resources

Classes

Multi-Day Packages
3-Day Class Packages

Power User Bootcamp

This three-day Bootcamp takes you from A-Z for a Splunk Power User.  Start with basic searching and using fields, continue on to statistical, charting, and manipulating commands with Splunk’s Search Language to create meaningful reports and dashboards.  You’ll also create and manage Splunk knowledge objects such as fields, alerts, data models, lookups, and macros. Finally, you’ll learn how to conform your knowledge objects to Splunk’s Common Information Model (CIM).

Administrator Bootcamp

This three-day Bootcamp prepares administrators to configure and manage Splunk. Topics include installation, configuring data inputs and forwarders, data management, user accounts, licenses, and troubleshooting and monitoring. The focus of this class is the knowledge, best practices, and configuration details for Splunk administration in a medium to large distributed deployment environment.

Advanced Administrator Bootcamp

This three-day Bootcamp combines content from the Troubleshooting Splunk Enterprise and Splunk Cluster Administration courses. Designed for experienced Splunk administrators, It covers topics and techniques for troubleshooting a distributed deployment using the tools available on Splunk Enterprise, Splunk’s internal logging system, and takes a deeper dive into Splunk’s pipelines and processors.  It also provides training on deploying and managing Splunk Search Head Clusters and Indexer Clusters.

App Developer Bootcamp

This three-day Bootcamp combines content from Advanced Dashboards and Visualizations, Building Splunk Apps, and Developing with Splunk’s Java and Python SDKs.  You will learn to create compelling and interactive dashboards, forms, and visualizations, as well as use 3rd party visualization libraries. You will also learn about Splunk’s app directory structure, and Web Framework. You’ll learn to interact directly with the Splunk REST API via the Java and Python SDKs, and also learn best practices for development--when are the SDKs the right choice, vs. REST, vs. other Splunk built-in tools.

ITSI Bootcamp

This three-day Bootcamp combines content from Using ITSI and Implementing ITSI.  It prepares you to install and configure Splunk's app for IT Service Intelligence (ITSI). You will learn to use ITSI to monitor mission-critical services. You’ll also learn about ITSI architecture, deployment planning, installation, service design and implementation, configuring entities, notable events, and developing glass tables and deep dives.

Multi-Day Packages
2-Day Class Packages

Splunk Enterprise Security for Security Analysts

Saturday, September 23 - Sunday, September 24, 2017

This two-day Bootcamp includes content from Using Splunk Enterprise Security.  It prepares security practitioners to use Splunk Enterprise Security (ES). You will use ES to identify and track security incidents, analyze security risks, use predictive analytics, threat discovery, and create glass tables.

Splunk Enterprise Security for Administrators

Saturday, September 23 - Sunday, September 24, 2017

This two-day Bootcamp prepares architects and systems administrators to install, configure and manage Splunk Enterprise Security. It covers ES event processing and normalization, deployment requirements, technology add-ons, settings, risk analysis settings, threat intelligence and protocol intelligence configuration, and customizations.

Analytics and Data Science Bootcamp

Saturday, September 23 - Sunday, September 24, 2017

This two-day Bootcamp is for Splunk users who want to perform more scientific analysis on their data. It covers Exploratory Data Analysis, Machine Learning, Using Algorithms to Build Models, Transactional Analysis, Anomaly Detection, Estimation and Prediction, Classification, and more.

Splunk App Essentials Bootcamp

Saturday, September 23 - Sunday, September 24, 2017

This two-day Bootcamp combines content from the Advanced Dashboards and Visualizations and Building Splunk Apps courses.  You will learn to create compelling and interactive dashboards, forms, and visualizations, as well as use 3rd party visualization libraries. You will also learn about Splunk’s app directory structure, REST API, Web Framework, and how to package objects to create a Splunk App.

Splunk Data Administration Bootcamp

Saturday, September 23 - Sunday, September 24, 2017

This two-day Bootcamp is designed for Splunk Enterprise and Cloud administrators who are responsible for getting data into Splunk Indexers. The course provides the fundamental knowledge of Splunk forwarders and methods to get remote data into Splunk indexers. It covers installation, configuration, management, monitoring, and troubleshooting of Splunk forwarders and Splunk Deployment Server components. Suitable for both Splunk Cloud and Splunk Enterprise customers.

Splunk Fundamentals 2 Bootcamp

Saturday, September 23 - Sunday, September 24, 2017

This two-day Bootcamp focuses on searching and reporting commands as well as on the creation of knowledge objects.  Major topics include using transforming commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalizing data with the Common Interface Model (CIM).

Prerequisites:

Content:

Multi-Day Packages
Single-Day Classes

Advanced Searching and Reporting with Splunk

This course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts. Students are coached step by step through complex searches to produce final results. Major topics include the Splunk search process, using sub-searches, additional statistical commands and functions, formatting and calculating results, charting commands and options, and advanced event correlation.

Advanced Dashboards and Visualizations

This course is designed for power users who want to create compelling and interactive dashboards, forms, and visualizations. Its emphasis is on editing simple XML, using post-process searches, and dynamic drilldowns. Students will also learn how to build visualizations that use third-party chart libraries and custom stylesheets.

Building Splunk Apps

This course is designed for users, administrators, and app developers who will build apps with advanced visualizations and interactive behavior using tools available in the Splunk Web Framework. Major topics include the SplunkJS Stack, REST API, KV Store, isolating data, search managers, tokens and data binding, debugging, and packaging an app.

Troubleshooting Splunk Enterprise

This course is designed for Splunk administrators. It covers techniques for troubleshooting a standard Splunk distributed deployment using the tools available on Splunk Enterprise. In this lab-oriented class you will gain troubleshooting experience by debugging a distributed Splunk Enterprise environment using the live system and simulated case logs.

Architecting Splunk Enterprise Deployments

This course takes a deep dive into large enterprise distributed deployments. Learn best practices for planning, sizing, and managing your Splunk deployment.  In this workshop-style course, you will design a Splunk architecture based on a set of customer requirements.

Splunk Enterprise System Administration

This course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides the fundamental knowledge of Splunk license manager, indexers and search heads. It covers configuration, management, and monitoring core Splunk Enterprise components.

Splunk Fundamentals 1

This course teaches you how to search and navigate in Splunk, use fields, get statics from your data, create reports, dashboards, lookups, and alerts.  Scenario-based examples and hands-on challenges will enable you to create robust searches, reports, and charts.  It will also introduce you to Splunk’s datasets features and Pivot interface.

Developing with Splunk’s Java and Python SDKs

This course teaches you to use Splunk's REST API and Java and Python SDKs to bring new data into Splunk, remotely create and interact with Splunk objects such as ad-hoc and saved searches, and more. Learn to interact directly with the Splunk REST API, and also learn best practices for development--when are the SDKs the right choice, vs. REST, vs. other Splunk built-in tools.