Skip to main content


Splunk Training + Certification

Implementing Splunk IT Service Intelligence

Course Description

This 18-hour course is designed for administrator users who willimplement Splunk IT Service Intelligence for analysts to use. The firstday includes the day of content from Using Splunk IT ServiceIntelligence.

Instructor-led Training Schedule

Course Topics

  • IT Service Intelligence analyst user training
  • Deployment and Initial Configuration
  • Designing, Implementing Services and Searches
  • Defining and Adding Entities
  • Defining Service Templates, and User Access
  • Using Predictive Analytics
  • Customization, Maintenance, Troubleshooting
  • Creating and Defining Correlation Searches and EventAggregation

Prerequisite Knowledge

To be successful, students should have a solid understanding of the following courses:

  • Splunk Fundamentals 1
  • Splunk Fundamentals 2
  • Splunk Fundamentals 3
  • Advanced Searching and Reporting

Or the following single-subject courses:

  • What is Splunk?
  • Intro to Splunk
  • Using Fields
  • Scheduling Reports and Alerts
  • Visualizations
  • Working with Time
  • Leveraging Lookups and Sub-searches
  • Correlation Analysis
  • Search Under the Hood
  • Search Optimization
  • Introduction to Knowledge Objects
  • Creating Knowledge Objects
  • Creating Field Extractions
  • Enriching Data with Lookups
  • Data Models
  • Introduction to Dashboards
  • Dynamic Dashboards
Students should also have completed the following courses
  • Splunk Enterprise System Administration
  • Splunk Enterprise Data Administration

Course Objectives

Using Modules 1-4
  • 1 – Navigating ITSI Cloud and Service Analyzers
  • 2 – Visualizing Services with Glass Tables
  • 3 – Investigating Issues with Deep Dives
  • 4 – Managing Episodes
Module 1 – Deployment and Initial Configuration
  • Understand IT Service Intelligence licensing
  • Describe factors affecting IT Service Intelligence performance
  • Identify IT Service Intelligence components
  • Configure IT Service Intelligence roles
  • Configure IT Service Intelligence modules
  • Describe IT Service Intelligence deployment options
  • List IT Service Intelligence hardware recommendations
  • Describe the installation procedure
  • Understand IT Service Intelligence licensing
  • Describe factors affecting IT Service Intelligence performance
  • Identify IT Service Intelligence components
  • Configure IT Service Intelligence roles
  • Configure IT Service Intelligence modules
Module 2 – Designing Services
  • Given customer requirements, plan ITSI services
  • Design service KPI properties, such as schedules, importance,
  • Identify entity-oriented KPIs
  • Identify dependencies between services
Module 3 – Data Audit and Base Searches
  • Analyze a data environment based on implementation requirements
  • Identify necessary data sources for KPIs
  • Plan data intake for IT Service Intelligence configuration
  • Implement base searches to support service design
Module 4 – Implementing Services
  • Use a service design to implement services in IT Service Intelligence
  • Create KPIs using base searches
  • Configure basic KPI settings for calculation and aggregation
  • Configure KPI lag and backfill
  • Set KPI importance
  • Calculate service health score
Module 5 – Thresholds and Time Policies
  • Configure KPI thresholds
  • Use aggregate and entity-level thresholds
  • Use static and adaptive thresholds
  • Apply time policies to thresholds
  • Create custom threshold templates
Module 6 – Entities and Modules
  • Add KPIs to services from modules
  • Identify good use cases for entities
  • Define entities in services
  • Use entities in KPI searches
  • Use pseudo entities in KPI searches
Module 7 – Templates and Dependencies
  • Define service template use cases
  • Create service templates
  • Create new services from templates
  • Create dependencies between services
Module 8 – Anomaly Detection and Predictive Analytics
  • Define anomaly detection capabilities
  • Configure anomaly detection for KPIs
  • Configure predictive analytics for services
Module 9 – Access Control
  • Identify ITSI roles and capabilities
  • Describe service level roles and team ownership
  • Modify ITSI menu options
  • Control access to ITSI views
Module 10 – Customization, Maintenance, Troubleshooting
  • Use backup and restore tools
  • Install content packs
  • Use maintenance mode for services and entities
  • Understand the ITSI REST interface
  • ITSI troubleshooting
Module 11 – Correlation Searches and Multi-KPI Alerts
  • Define new correlation searches
  • Define Multi-KPI alerts
  • Manage notable event storage
Module 12 – Aggregation Policies
  • Define aggregation policy capabilities
  • Modify the default aggregation policy
  • Understand Smart Mode
  • Create new aggregation policies
  • Use aggregation policies to automate notable event response