
Splunk (Admin + Dev) Online Training

VISWA Online Trainings is one of the top providers of online IT training worldwide. To help beginners and working professionals achieve their career objectives, we provide a wide range of courses and online training.

Reviews 4.9 (4.6k+)
4.7/5

Learners : 1080

Duration :  25 Days

About Course

The Splunk Online Training program is designed to equip learners with the skills needed to collect, analyze, and visualize machine-generated data using Splunk. This course covers everything from architecture and installation to advanced search, reporting, and dashboard creation. Whether you are an IT professional, data analyst, or system administrator, this training will help you master data-driven insights for effective business decision-making.

Through real-time projects and hands-on labs, learners will gain expertise in managing logs, creating alerts, monitoring security incidents, and implementing Splunk in enterprise environments. The course also prepares you for certifications, including Splunk Core Certified User and Splunk Certified Power User.

Key Highlights:

  • In-depth understanding of architecture and components
  • Hands-on experience with Splunk data indexing, searching, and reporting
  • Learn Splunk dashboards, alerts, and visualizations
  • Guidance for certification exam preparation
  • Flexible online training with expert-led sessions

Who Can Enroll:

  • IT Administrators & Developers
  • System and Network Engineers
  • Data Analysts & Security Professionals
  • Anyone interested in data analytics and log management

Prerequisites:

Basic knowledge of IT operations or data analysis concepts will be helpful but not mandatory.

Splunk Training Course Syllabus

Splunk Admin

Chapter 1
  • Splunk Overview
  • Splunk Packages
  • Splunk components and capabilities
  • Splunk Lab Setup
  • Basic Linux commands
  • Splunk Installation pre-requisites
  • Splunk Full Package installation
  • Splunk Forwarder installation
  • Understanding the difference
  • Bootstart
  • Port Change
  • Splunk Uninstallation
Chapter 2
  • Forwarding and Receiving
  • Testing to default and custom index
  • Source type and metadata creation
  • Acknowledgement
  • TCP ROUTING
  • Same data to two groups
  • Load balancing
  • Discard Historical data
  • Input filters
  • Adding Search head component
Chapter 3
  • What is Forwarder Management
  • Deployment server setup
  • Deployment clients setup
  • Troubleshooting & managing
Chapter 4
  • Line breaking
  • Epoch time
  • Timestamp extraction
  • props and transforms
  • Log file resizing
  • GUID
  • Splunk Upgradation
  • Throughput Changes
  • Queue concept
Chapter 5
  • What is Heavy forwarder
  • Metadata Override
  • Discard Garbage data
  • Anonymize the PS Data
  • Implementation
  • Disable Splunk Web
Chapter 6
  • SNMP configuration
  • Fishbucket configuration
  • Sourcetype renaming
  • Dispatch directory size
Chapter 7
  • CSV Extraction
  • Adding custom time range
  • Concurrent search quota
  • Users roles and authentication
Chapter 8
  • Storage Size calculation
  • Index creation
  • Custom index creation
  • Indexing Cluster theory
  • Indexing Cluster
  • Implementation
  • Multisite Designing
  • Cluster management
  • Licensing
Chapter 9
  • Search head cluster
  • Role of Deployer
  • Implementation
Chapter 10
  • Internal Log Analysis
  • Architecture Planning
  • Troubleshooting
  • Configuration file Overview

Splunk Development

Module 1
  • Splunk Overview
  • Prerequisites and Installing Splunk Enterprise
  • Navigating Splunk Web – On-boarding data into Splunk Enterprise
Module 2
  • Splunk knowledge objects Overview
  • Classify and group events
  • Define and Maintain Event types
  • Tags creation
  • Field extractions
  • Field Extractor
  • Search-time field extractions
  • Regular expression overview
  • Extract fields with search commands
  • Create custom fields at index time
  • Overview of Lookups
  • Usage of Field lookups to add info to your events
  • Configuring and customizing Lookups
  • Saved Searches
  • Splunk CIM Overview and its correlation
  • Specify Cron Notation
Module 3
  • Types of searches
  • Retrieving events
  • Specifying time ranges
  • Using subsearch
  • Creating statistical tables and charts
  • Grouping and correlating events
  • Predicting future events
  • Common search commands
  • Best practices in optimizing search
  • Functions for eval and stats command
  • Application of the following search commands by category
  • Correlation
  • Anomaly Detection
  • Reporting – Geographic – Prediction and Trending
  • Search and Subsearch commands
  • Time commands
  • Formats for converting strings into timestamp
  • Understanding SPL syntax
  • Usage of Keywords and Boolean operators
Module 4
  • Views Overview – Simple XML
  • Dashboards Overview
  • Functionalities
  • Panel creation and customization
  • Drilldowns
  • Employing Queries in Dashboards
  • Implementing JavaScript and CSS into Dashboards
  • Forms Creation
  • Form inputs definition
  • Macros Overview
  • Understanding of Data Models
Module 5
  • Alerts Overview
  • Types of Alerts
  • Setup Alert actions
  • Scheduled Alert
  • Real time Alert
  • Custom conditional Alerts
  • Triggered Alerts
  • Alert Manager Usage
  • Alert Functionalities
  • Alert examples
  • Alerts via savedsearch.conf
  • Usage of Tokens
  • Troubleshooting Steps
Module 6
  • Reporting Overview
  • Create and Edit Reports
  • Accelerate Report
  • Setup Scheduled Reports
  • Customize Report Formats
  • Report Functionalities
  • Report examples
  • Report via savedsearch.conf
  • Usage of Tokens
  • Troubleshooting Steps
Module 7
  • Walk-through over Splunk Apps
  • Basic Understanding of Splunk App creation

Splunk Course Key Features

Course completion certificate

Splunk Training - Upcoming Batches

Coming Soon

AM IST

Weekday

Coming Soon

PM IST

Weekend

CHOOSE YOUR OWN COMFORTABLE LEARNING EXPERIENCE

Live Virtual Training

PREFERRED

Self-Paced Learning

Corporate Training

FOR BUSINESS

Splunk Online Training FAQ'S

What is Splunk and why is it used?

Splunk is a powerful platform used for searching, monitoring, and analyzing machine-generated data (like logs and events) in real time. It helps organizations gain valuable insights from massive volumes of data for security monitoring, operational intelligence, troubleshooting, and data visualization.
Splunk can collect data from various sources such as applications, servers, network devices, and sensors, making it ideal for IT operations, DevOps, and SIEM (Security Information and Event Management) use cases.

What are the main components of Splunk architecture?

Splunk’s architecture has three main components:

  • Forwarder: Collects and forwards log data to the indexer.
  • Indexer: Processes, parses, and stores the data for fast searching and querying.
  • Search Head: Provides the user interface to perform searches, create reports, dashboards, and alerts.

Additionally, Deployment Server and Cluster Master are used for large-scale deployments and centralized management.

What is a Splunk Index and why is it important?

An Index in Splunk is a repository where Splunk stores the processed data. Each index holds searchable data and metadata.
Indexes improve search performance by categorizing and organizing data. For example, you can create separate indexes for security logs, application logs, and system performance metrics.

What are Search Processing Language (SPL) commands in Splunk?

SPL (Search Processing Language) is the query language used in Splunk to search, filter, and manipulate data.
Common SPL commands include:

  • search – to filter data based on keywords or fields
  • stats – to calculate statistics like count, sum, avg
  • eval – to create new fields or modify existing ones
  • where – to apply conditional filters
  • table – to display specific fields in a tabular format

index=web_logs status=404 | stats count by source

This command counts the number of 404 errors grouped by source.

What are Lookups in Splunk?

Lookups are used to enrich Splunk event data by referencing external data files (like CSVs, scripts, or databases
