Splunk Developer
$1500 USD

About this course

Big data is a huge asset to organizations big and small. It is increasingly used to analyze trends, reduce costs, increase efficiencies, identify defects and mitigate fraud. The sheer volume of machine-generated data, which can be structured or unstructured, has made way for analytical software such as Splunk. Splunk simplifies complex data logs and is used to inspect, monitor, analyze and visualize real-time machine data generated from websites, applications and devices.

 

Number of jobs in the U.S. – 16,000+ (Source: LinkedIn)

 

U.S. National Average salary – $125,571/year (Source: ZipRecruiter)

 

This course is an in-depth Developer course covering all topics of Splunk Development and is for someone who is a complete beginner to Splunk Development. The course covers all topics of Splunk training, starting with fundamentals and moving on to advanced searching and reporting and advanced dashboards and visualizations.

 

Upon completion, individuals will have a solid understanding of Splunk and its capabilities that include:

  • Understand basic, intermediate & advanced levels of Splunk.
  • Understand the various ways data can be on-boarded into Splunk & learn to implement them in real-life environments.
  • Data Cleaning, Configurations, Common Information Model (CIM) & Data Modeling.
  • Understand Splunk Knowledge Objects and implement them in sample environments.
  • Basic to Advanced Searching & Reporting.
  • Creating Real-time Dashboards & Alerts.

 

Prerequisite – None required

B.E/B.tech in IT/CS or related field

Experienced IT professionals, system administrators, data analysts etc

Instructor-led training

40 hrs of instructor-led training with weekly/weekend sessions that can be taken at convenient schedules

Self-paced learning

Recorded classroom sessions and presentations with lifetime access and free upgrade to the latest version

Study Material

Candidates have access to industry-standard study material, online resources, presentations and more

Live projects

Live projects and assignments based on selected use cases that give hands-on experience with Splunk concepts.

Job Assistance

We offer comprehensive job assistance and forward the resumes of eligible candidates to our partner companies.

Certification

A Cyber Chasse panel certifies you as a Splunk Admin Expert upon successful completion of the course.

Splunk is one of the in-demand technologies. The number of jobs in Splunk is increasing at a significant rate, with average annual salaries of over $100,000 for key positions. There is a huge demand for Splunk professionals in Fortune 500 companies and in small and large organizations. A career in Splunk is growing at breakneck speed and has grown 3 times faster than IT jobs. The specific job roles with a lucrative career in Splunk include:

Splunk Administrator

Systems Engineer

Security Engineer

Security Analyst

Technical Service Manager

What is the criterion for availing Cyber Chasse Learning Academy job assistance?

All Learning Academy learners who have successfully completed training by completing all the exercises, case studies and projects are eligible for job assistance.

Can I attend the demo before enrollment?

Participation in the live class is not possible, as we have a limited number of participants. However, you can go through a sample class recording.

What is the qualification of the instructor?

The instructor is a Splunk-certified consultant with 20+ years of industry experience.

Who are the instructors?

All the instructors are Learning Academy practitioners from the IT industry and subject matter experts.

Why take this course?

Splunk is taking over each and every industry domain. Taking Splunk Admin training will help professionals to build a solid career and get the best jobs in top organizations.

Syllabus

This is for someone who doesn’t know anything about Splunk Development. This course is an in-depth Developer course covering all topics of Splunk Development.

Module 1
Introduction to Splunk

a. What is Splunk?
   a. Log Aggregator
   b. Reporting
   c. Analytics
   d. Machine Learning
b. Splunk Premium Applications
   a. Splunk ES
   b. Splunk ITSI
   c. Splunk UBA
c. Splunk real world Use Cases
d. Competitors of Splunk & Why Splunk?

Module 2
Components of Splunk

a. Forwarder (UF/HF)
b. Search Head
c. Indexer

Installing Splunk
a. In Windows
b. In Linux

Getting data into Splunk
a. List all types of data inputs in Splunk
b. Configure File Monitoring
c. Configure Directory Monitoring (Batch / Monitor)
d. Configure TCP / UDP Input
e. Configure HEC (HTTP Event Collector)
f. Configure Script (PowerShell & Python)
g. Configure Windows Events logs (Local & Remote)

Module 3
Introduction to Splunk's User Interface

a. Talk about Splunk UI
b. Where to Find App on Splunk (App store)
c. Manage Splunk (Install, enable, disable app)
d. Splunk App Menu (Search, Dataset, Reports, Alerts & Dashboards)
e. Walk through “Settings” menu

Understand the uses of Splunk
a. Realtime searching
b. Alerting
c. Dashboarding
d. Machine Learning

Define Splunk Apps
a. Create a Splunk App
b. Create a Splunk Add-on
c. Download some of the app/add-ons from the app store, install it & configure it

Customizing your user settings
a. Talk about Access Control
b. Authentication Methods
c. Roles & Responsibilities

Module 4
Basic Searching

a. Run basic searches and general search practices
b. Use autocomplete to help build a search
c. Specify indexes in searches
d. Case sensitivity in searches
e. Set the time range of a search
f. Identify the contents of search results
g. Refine searches
h. Use the timeline
i. Work with events
j. Control a search job
k. Save search results
l. Using the job inspector to view search performance

Using Fields in Searches
a. Understand fields
b. Use fields in searches
c. Use the fields sidebar

Module 5
Using Basic Transforming Commands

a. The top command
b. The rare command
c. The stats command
d. Eval
e. Timechart
f. Join
g. Where
h. Fillnull
i. Filldown
j. Iplocation
k. Geostats
l. Geom
m. addtotals

Creating Reports and Dashboards
a. Save a search as a report
b. Edit reports
c. Create reports with visualizations such as charts and tables
d. Create a dashboard
e. Add a report to a dashboard
f. Edit a dashboard
g. Add Dynamic Inputs (textbox, radiobutton, etc)
h. Drilldown
i. Explore visualization types (Apps)
j. Formatting Charts & visualization

Module 6
Introduction to Knowledge Objects

a. Identify naming conventions
b. Review permissions
c. Manage knowledge objects

Creating and Using Lookups
a. Describe lookups
b. Create a lookup file and create a lookup definition
c. Configure an automatic lookup

Exploring Lookups
a. Including and excluding events based on lookup values
b. Using KV Store lookups
c. Using external lookups
d. Using geospatial lookups
e. Using database lookups
f. Understanding best practices for lookups

Module 7
Creating and Managing Fields

a. Perform regex field extractions using the Field Extractor (FX)
b. Perform delimiter field extractions using the FX
c. Using regex
d. Using the erex command
e. Using the rex command (Learn using rex command and manual field extraction using regex101)
f. Identifying regex best practices

Creating Field Aliases and Calculated Fields
a. Describe, create, and use field aliases
b. Describe, create and use calculated fields

Creating Tags and Event Types
a. Create and use tags
b. Describe event types and their uses
c. Create an event type

Creating Scheduled Reports and Alerts
a. Describe scheduled reports
b. Configure scheduled reports
c. Describe alerts
d. Create alerts
e. View fired alerts
f. Referencing lookups in alerts
g. Outputting alert results to a lookup
h. Logging and indexing searchable alert events
i. Using a webhook alert action

Creating and Using Macros
a. Describe macros
b. Create and use a basic macro
c. Define arguments and variables for a macro
d. Add and use arguments with a macro
e. Using nested search macros
f. Previewing search macros before executing
g. Using tags and event types in search macros

Module 8
Correlating Events

a. Identify transactions
b. Group events using fields
c. Group events using fields and time
d. Search with transactions
e. Report on transactions
f. Determine when to use transactions vs. stats

Creating and Using Workflow Actions
a. Describe the function of GET, POST, and Search workflow actions
b. Create a GET workflow action
c. Create a POST workflow action
d. Create a Search workflow action

Module 9
Creating Data Models

a. Describe the relationship between data models and pivot
b. Identify data model attributes
c. Create a data model
d. Use a data model in pivot

Datasets and the Common Information Model
a. Naming conventions
b. What are datasets?
c. What is the Common Information Model (CIM)?
d. Describe the Splunk CIM
e. List the knowledge objects included with the Splunk CIM Add-On
f. Use the CIM Add-On to normalize data

Using Pivot
a. Describe Pivot
b. Understand the relationship between data models and pivot
c. Select a data model object
d. Create a pivot report
e. Create an instant pivot from a search
f. Add a pivot report to a dashboard

Module 10
Exploring Statistical Commands

Performing statistical analysis with functions of the stats command
a. Using fieldsummary
b. Using appendpipe
c. Using eventstats
d. Using streamstats

Exploring eval Command Functions
a. Using conversion functions
b. Using date and time functions
c. Using string functions
d. Using comparison and conditional functions
e. Using informational functions
f. Using statistical functions
g. Using mathematical functions
h. Using cryptographic functions