Splunk Bootcamp

Throughout the course, emphasis is placed on practical exercises and real-world applications. Participants will spend the majority of the time engaged in labs and projects, ensuring that they can apply Splunk skills effectively in their respective roles.

Course Format and Delivery

Delivery Method: LiveOnline 
Schedule: 2 Days
Cost: $1,450 USD 

All sessions are delivered live by an expert instructor in a fully interactive online environment.

 

About this course

This immersive, hands-on Splunk Bootcamp is designed to equip participants with the skills needed to ingest, search, analyze, and visualize machine data using Splunk. Over two intensive days, attendees will engage in real-time labs, guided exercises, and scenario-based projects to build confidence and proficiency in using Splunk for operational intelligence, security monitoring, and troubleshooting.

Attendees will install and configure Splunk in a lab environment, work with real and simulated data sources, and create dashboards, reports, and alerts to solve operational and business problems. Using Splunk’s Search Processing Language (SPL), participants will learn how to extract meaningful insights from logs and metrics across systems such as web servers, application logs, infrastructure, and security platforms.

 

What you will earn


PMI ATP 2025

This course will contribute 14 PMI® professional development units (PDUs) towards your chosen certification.

 

 

 

What you will learn

By the end of this course, participants will be able to:

    • Set up and configure Splunk instances and forwarders.

    • Ingest and index various data sources into Splunk.

    • Utilize the Search Processing Language (SPL) for data analysis.

    • Create dashboards, visualizations, and reports to derive insights.

    • Implement alerts and scheduled reports for proactive monitoring.

    • Apply Splunk knowledge to real-world scenarios through hands-on projects.

 

This course is great for

    • IT Operations and DevOps professionals

    • Security analysts and administrators

    • Data engineers and analysts

    • Developers and QA engineers

    • Business intelligence professionals

    • Anyone responsible for monitoring, analyzing, or reporting on machine data

 

Topics Covered

Module 1: Introduction to Splunk

    • Overview of Splunk and its use cases

    • Navigating the Splunk Web Interface

    • Understanding Splunk components: indexers, search heads, and forwarders

    • Lab: Setting up a Splunk environment and exploring the interface

Module 2: Data Ingestion and Indexing

    • Understanding data inputs and indexing

    • Configuring inputs for various data sources (logs, metrics, etc.)

    • Using Universal Forwarders for data collection

    • Lab: Ingesting sample log files and verifying data indexing

Module 3: Field Extraction and Data Enrichment

    • Automatic vs. manual field extraction

    • Creating field extractions using the Field Extractor tool

    • Enriching data with lookups and aliases

    • Using fields in searches, using the fields sidebar

    • Lab: Extracting fields and applying lookups to enhance data

Module 4: Introduction to SPL (Search Processing Language)

    • Basic search commands and syntax

    • Autocomplete to help build a search, setting time ranges

    • Identify the contents of search results

    • Refine searches, using timelines

    • Work with events, control a search job, save search results

    • Commands for tables, rename, fields, dedup, sort

    • The top, rare and stats commands

    • Filtering and transforming data using SPL

    • Time modifiers and search optimization techniques

    • Lab: Crafting searches to answer specific operational questions

Module 5: Advanced Searching and Reporting

    • Using statistical commands for data aggregation

    • Creating and managing reports

    • Implementing subsearches and transaction searches

    • Using lookups, create a lookup file and create a lookup definition

    • Configure an automatic lookup

    • Lab: Developing complex searches and generating reports

Module 6: Dashboards and Visualizations

    • Designing dashboards for different audiences

    • Utilizing various visualization types (charts, tables, maps)

    • Incorporating dynamic elements like drilldowns and inputs

    • Save a search as a report, edit reports

    • Create reports that include visualizations such as charts and tables

    • Create a dashboard, add a report to a dashboard, edit a dashboard

    • Lab: Building interactive dashboards to monitor key metrics

Module 7: Alerts and Scheduled Reports

    • Setting up alerts based on search results

    • Configuring alert actions (email, scripts, etc.)

    • Configure scheduled reports, describe alerts

    • Create alerts and view fired alerts

    • Scheduling reports for regular distribution

    • Lab: Creating alerts and scheduling reports for proactive monitoring

Module 8: Capstone Project

    • Applying learned concepts to a real-world scenario

    • Ingesting and analyzing data from a sample application (e.g., NGINX logs)

    • Developing searches, dashboards, and alerts to monitor application performance

    • Lab: End-to-end project showcasing Splunk's capabilities

 

Questions about this course?

Phone: 1-800-373-7028
Email: info-us@softed.com

We'd love to have the opportunity to discuss how we can assist your business.