Skip to main content

Splunk Training + Certification

Automation Using the REST and SignalFlow API

Course Description

This 9-hour virtual course provides the foundation for you to use the API to automate bulk actions such as the creation of charts, dashboards, and alerts. See how to programmatically perform computations that can be used in charts and detectors or streamed in real-time. Use the API to manage Splunk IM teams.

Instructor-led Training Schedule

Course Prerequisites


  • Using Splunk Infrastructure Monitoring

Course Topics

  • Using the SignalFlow API to Perform Computations
  • Stream/extract Raw and Processed Data from SignalFx
  • Manage Splunk IM Teams
  • Manage Charts, Dashboards and Dashboard Groups using the API
  • Manage Detectors Using the API

Course Objectives

Module 1 – Overview of the API
  • Describe the function of the API
  • Describe the API endpoints
Module 2 – Streaming Computations Using SignalFlow
  • Use the SignalFlow CLI
  • Use the data() function to stream metrics
  • Use the detect() function to define detectors
Module 3 – Streaming Raw and Processed Data
  • Choose when to use WebSocket connection vs HTTP API for streaming
  • Execute SignalFlow computations
  • Describe the types of messages emitted by streaming computation
  • Stream/extract raw and processed data from the Splunk IM service
Module 4 – Manage Splunk IM Teams
  • Describe the use of teams
  • Create teams
  • Add/remove members to/from teams
  • Update teams
Module 5 – Automate Chart and Dashboard Management
  • Create, modify, and delete charts
  • Create detectors to monitor issues of interest
Module 6 – Automate Detector Management
  • Create detectors
  • Update, delete detectors
  • Mute notifications
  • Clear incidents