September 12–14 2026 | DENVER, COLORADO
Splunk University
The ultimate learning experience
September 12–14, 2026
Take advantage of this incredible learning opportunity and get the most out of your .conf26 experience! Head to Denver a few days before the conference to attend Splunk University. You’ll stand out among your peers, deepen your expertise with hands-on courses, expand your knowledge, and make your organization more resilient.
What to expect:
- Materials will be provided to you in advance through STEP. Be sure to create a login for easy access.
- Three-day courses run from September 12–14.
- One-day courses are on Monday, September 14.
- Class hours are 9 am–5 pm.
- We’ll supply breakfast, lunch, caffeine, and education. All you have to bring is yourself and your laptop!
Three-day tracks
Choose one of these three-day sessions.
Power User
This three-day track takes you from A-Z for a Splunk power user, including topics on how to search, manipulate, correlate, and model data. Our most popular course with new or less experienced Splunk users.
Skill Level:
- Beginner > Intermediate
Enterprise Administrator
This three-day track prepares administrators to install, configure, and deploy on-prem Splunk environments. It combines content from Splunk Enterprise System Administration and Splunk Enterprise Data Administration.
Skill Level:
- Beginner > Intermediate
Mastering Splunk Data Management Techniques
This three-day course prepares administrators to evaluate and design data management processes and deploy, manage, and optimize Splunk data ingestion pipelines.
Skill Level:
- Intermediate > Advanced
Advanced Enterprise Administrator
This three-day track prepares administrators to install, configure, and troubleshoot standalone and clustered Splunk deployments. It combines content from Troubleshooting Splunk Enterprise and Splunk Cluster Administration.
Skill Level:
- Intermediate > Advanced
Analytics and Data Science
This three-day track prepares users to perform more scientific analysis on their data with the Machine Learning Toolkit. It includes content from Exploring and Analyzing Data with Splunk and Splunk for Analytics and Data Science.
Skill Level:
- Intermediate > Advanced
SOC Analyst
This track quickly equips new analysts with Splunk skills and best practices, featuring hands-on practice in threat investigation, detection, hunting, and response, along with two new courses and a refreshed 'Cybersecurity Defense Essentials' class.
Skill Level:
- Beginner > Intermediate
SOC Engineer
This track builds the foundation for SOC engineers in threat detection and incident response, featuring Administering Splunk Enterprise Security and a new course on integrating open-source attack simulation tools with Splunk for testing detections and responses.
Skill Level:
- Intermediate > Advanced
Security Automation
This track covers the fundamentals for SOC automation developers, including Administering Splunk SOAR, Developing Splunk SOAR Playbooks, and a new course on integrating open-source attack simulation tools with Splunk for testing detections and responses.
Skill Level:
- Beginner > Intermediate
Security Architect
This track includes Architecting Splunk Enterprise Deployments, plus new courses focused on security data architecture, integrating open-source attack simulation tools with Splunk, and exploring key SOC roles, tasks, and challenges.
Skill Level:
- Intermediate > Advanced
Monitoring Applications Using Splunk Observability Cloud
This three-day track prepares DevOps and SRE teams to use Splunk Observability Cloud to monitor and troubleshoot their application environments. It combines content from: Introduction to Splunk Observability Cloud, Fundamentals of Metrics Monitoring, Using Splunk APM, Using Splunk RUM, and Using Splunk Synthetic Monitoring.
Skill Level:
- Beginner > Intermediate
One-day course
Short on time? This one-day course accelerates learning like no other.
Enhancing SOC Operations with Attack Simulations
This one-day course empowers experienced SOC staff to perform threat investigation, detection, and incident response using open-source attack simulation tools integrated with Splunk, while deepening their understanding of SOC roles, tasks, and challenges.
Note: This course requires prior training and/or experience with Splunk security products (Enterprise Security and SOAR). Beginners should attend the SOC Analyst track.
Skill Level:
- Intermediate > Advanced
Splunk University
September 12–14
1 Day
$1,000
100 training units
3 Days
$2,400
240 training units
© 2005 - 2026 Splunk LLC All rights reserved.
© 2005 - 2026 Splunk LLC All rights reserved.