Splunk Training + Certification
Implementing Splunk IT Service Intelligence
The newest comprehensive resource from Splunk Training + Certification is here.
- Free Courses
-
Learning Paths
- Courses for Users
-
Courses for Splunk Administrators
- Courses for Splunk Administrators
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Implementing Splunk SmartStore
- Splunk Workload Management
- Working with Metrics in Splunk
- Implementing Splunk Data Stream Processor (DSP)
- Courses for Splunk Cloud Customers
-
Courses for Splunk Architects
- Courses for Splunk Architects
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Creating Dashboards with Splunk
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Architecting Splunk Enterprise Deployments
- Courses for App Developers
-
Courses for Enterprise Security Administrators
- Courses for Enterprise Security Administrators
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Creating Dashboards with Splunk
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Architecting Splunk Enterprise Deployments
- Administering Splunk Enterprise Security
- Courses for Enterprise Security End-Users
-
Courses for IT Service Intelligence Administrators
- Courses for IT Service Intelligence Administrators
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Creating Dashboards with Splunk
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Implementing Splunk IT Service Intelligence
- Courses for IT Service Intelligence End-Users
- Courses for Phantom Customers
-
Courses for Observability Customers
- Courses for Observability Customers
- Observability Fundamentals Series (eLearning)
- Using Splunk Infrastructure Monitoring
- Kubernetes Monitoring with Splunk
- Automation Using the REST and SignalFlow APIs
- Using the Splunk Terraform Provider
- Sending Custom Metrics to Splunk IM
- Using Splunk APM to Monitor Microservices-based Applications
- Advanced Monitoring of Microservices Applications Using Splunk APM
-
Certification Tracks
- Splunk Core Certified User
- Splunk Core Certified Power User
- Splunk Core Certified Advanced Power User
- Splunk Cloud Certified Admin
- Splunk Enterprise Certified Admin
-
Splunk Enterprise Certified Architect
- Splunk Enterprise Certified Architect
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Architecting Splunk Enterprise Deployments
- Splunk Enterprise Practical Lab
- Splunk Certified Developer
- Splunk Enterprise Security Certified Admin
- Splunk IT Service Intelligence Certified Admin
-
Splunk Core Certified Consultant
- Splunk Core Certified Consultant
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Architecting Splunk Enterprise Deployments
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Splunk Deployment Practical Lab
- Splunk Fundamentals 3
- Creating Dashboards with Splunk
- Advanced Searching and Reporting
- Core Consultant Labs
- Services Core Implementation
- Splunk Phantom Certified Admin
-
Courses
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Fundamentals 3
- Advanced Searching and Reporting
- Creating Dashboards with Splunk
- Advanced Dashboards and Visualizations
- Building Splunk Apps
- Splunk for Analytics and Data Science
- Splunk Infrastructure Overview
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
- Troubleshooting Splunk Enterprise
- Splunk Enterprise Cluster Administration
- Splunk Cloud Administration
- Transitioning to Splunk Cloud
- Architecting Splunk Enterprise Deployments
- Working with Metrics in Splunk
- Implementing Splunk SmartStore
- Splunk Workload Management
- Splunk Deployment Practical Lab
- Implementing Splunk Data Stream Processor (DSP)
- Developing with Splunk's REST API
- Administering Splunk Enterprise Security
- Using Splunk Enterprise Security
- Implementing Splunk IT Service Intelligence
- Using Splunk IT Service Intelligence
- Splunk User Behavior Analytics
- Administering Phantom
- Developing Phantom Playbooks
- Advanced Phantom Implementation
- Introduction to Splunk IM and Splunk APM
- Using Splunk Infrastructure Monitoring
- Kubernetes Monitoring with Splunk
- Using Splunk APM to Monitor Microservices-based Applications
- Automation Using the REST and SignalFlow APIs
- Using the Splunk Terraform Provider
- Sending Custom Metrics to Splunk IM
- Advanced Monitoring of Microservices Applications Using Splunk APM
- Services Core Implementation
- Core Consultant Labs
-
Videos
- All Videos
- Splunk Cloud Tutorial
- Installing Splunk Enterprise on Linux
- Installing Splunk Enterprise on Windows
- Getting Data In to Splunk Enterprise (Linux)
- Getting Data In (Windows)
- Getting Data In with Forwarders
- Basic Search in Splunk Enterprise
- Create a Dashboard in Splunk Enterprise
- Splunk Certification Candidate Journey
- Creating Alerts in Splunk Enterprise
-
- Program Guide + FAQ
- Download Fact Sheet
Course Description
This 4 virtual-day course prepares consultants to install and configure Splunk's app for IT Service Intelligence (ITSI). Students will learn to use ITSI to monitor mission-critical services. Topics include ITSI architecture, deployment planning, installation, service design and implementation, configuring entities, notable events, and developing glass tables and deep dives.
Instructor-led Training Schedule
Course Topics
- ITSI architecture and deployment
- Installing ITSI
- Designing Services-discovery and best practices
- Implementing services and entities
- Configuring correlation searches and multi KPI alerts
- Managing aggregation policies and anomaly detection
- Troubleshooting and maintenance
Course Prerequisites
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration
Course Objectives
Module 1 - Introducing ITSI
- Identify what ITSI does
- Describe reasons for using ITSI
- Examine the ITSI user interface
Module 2 - Glass Tables
- Describe glass tables
- Use glass tables
- Design glass tables
- Configure glass tables
Module 3 - Managing Notable Events
- Define key notable events terms and their relationships
- Describe examples of multi-KPI alerts
- Describe the notable events workflow
- Work with notable events
Module 4 - Investigating Issues with Deep Dives
- Describe deep dive concepts and their relationships
- Use default deep dives
- Create and customize new custom deep dives
- Add and configure swim lanes
- Custom views
- Describe effective workflows for troubleshooting
Module 5 - Installing and Configuring ITSI
- List ITSI hardware recommendations
- Describe ITSI deployment options
- Identify ITSI components
- Describe the installation procedure
- Identify data input options for ITSI
- Add custom data to an ITSI deployment
Module 6 - Designing Services
- Given customer requirements, plan an ITSI implementation
- Identify site entities
Module 7 - Data Audit and Base Searches
- Use a data audit to identify service key performance indicators
- Design base searches
Module 8 - Implementing Services
- Use a service design to implement services in ITSI
Module 9 - Thresholds and Time Policies
- Create KPIs with static and adaptive thresholds
- Use time policies to define flexible thresholds
Module 10 - Entities and Dependencies
- Using entities in KPI searches
- Defining dependencies
Module 11 - Correlation and Multi KPI Searches
- Define new correlation searches
- Define multi KPI alerts
- Manage notable event storage
Module 12 - Aggregation Policies
- Create new aggregation policies
- Use smart mode
Module 13 - Anomaly Detection
- Enable anomaly detection
- Work with generated anomaly events
Module 14 - Access Control
- Configure user access control
- Create service level teams
Module 15 - Troubleshooting ITSI
- Backup and restore
- Maintenance mode
- Creating modules
- Troubleshooting
