Skip to main content

Splunk Training + Certification

Implementing Splunk IT Service Intelligence

Course Description

This 4 virtual-day course prepares consultants to install and configure Splunk's app for IT Service Intelligence (ITSI). Students will learn to use ITSI to monitor mission-critical services. Topics include ITSI architecture, deployment planning, installation, service design and implementation, configuring entities, notable events, and developing glass tables and deep dives.

Instructor-led Training Schedule

Course Topics

  • ITSI architecture and deployment
  • Installing ITSI
  • Designing Services-discovery and best practices
  • Implementing services and entities
  • Configuring correlation searches and multi KPI alerts
  • Managing aggregation policies and anomaly detection
  • Troubleshooting and maintenance

Course Prerequisites

  • Splunk Fundamentals 1
  • Splunk Fundamentals 2
  • Splunk Enterprise System Administration
  • Splunk Enterprise Data Administration

Course Objectives

Module 1 - Introducing ITSI
  • Identify what ITSI does
  • Describe reasons for using ITSI
  • Examine the ITSI user interface


Module 2 - Glass Tables
  • Describe glass tables
  • Use glass tables
  • Design glass tables
  • Configure glass tables


Module 3 - Managing Notable Events
  • Define key notable events terms and their relationships
  • Describe examples of multi-KPI alerts
  • Describe the notable events workflow
  • Work with notable events
Module 4 - Investigating Issues with Deep Dives
  • Describe deep dive concepts and their relationships
  • Use default deep dives
  • Create and customize new custom deep dives
  • Add and configure swim lanes
  • Custom views
  • Describe effective workflows for troubleshooting
Module 5 - Installing and Configuring ITSI
  • List ITSI hardware recommendations
  • Describe ITSI deployment options
  • Identify ITSI components
  • Describe the installation procedure
  • Identify data input options for ITSI
  • Add custom data to an ITSI deployment
Module 6 - Designing Services
  • Given customer requirements, plan an ITSI implementation
  • Identify site entities
Module 7 - Data Audit and Base Searches
  • Use a data audit to identify service key performance indicators
  • Design base searches
Module 8 - Implementing Services
  • Use a service design to implement services in ITSI
Module 9 - Thresholds and Time Policies
  • Create KPIs with static and adaptive thresholds
  • Use time policies to define flexible thresholds
Module 10 - Entities and Dependencies
  • Using entities in KPI searches
  • Defining dependencies
Module 11 - Correlation and Multi KPI Searches
  • Define new correlation searches
  • Define multi KPI alerts
  • Manage notable event storage
Module 12 - Aggregation Policies
  • Create new aggregation policies
  • Use smart mode
Module 13 - Anomaly Detection
  • Enable anomaly detection
  • Work with generated anomaly events
Module 14 - Access Control
  • Configure user access control
  • Create service level teams
Module 15 - Troubleshooting ITSI
  • Backup and restore
  • Maintenance mode
  • Creating modules
  • Troubleshooting