Building Splunk Apps

Training + Certification

Course Description

This two-day course focuses on Splunk Enterprise app development. It's
designed for advanced users, administrators, and developers who want to create
apps using the Splunk Web Framework. Major topics include planning app
development, creating data generators and data inputs; the REST API, setup
screens, KV Store, and app packaging.

Download Course Description

Instructor-led Training Schedule

View Schedule

Course Prerequisites

Classes:

Splunk Fundamentals 1 & 2
Creating Dashboards
Advanced Dashboards & Visualizations
Splunk Enterprise System Administration (recommended)

Recommended Skills:

Experience with HTML, CSS, and XML
Experience with JavaScript
Using a terminal text editor (vi, Nano, etc.)

Course Topics

Planning App Development
Adding Data
Creating Apps
Creating a KV Store
Using the Splunk REST API
Packaging Apps

Course Objectives

Module 1 – Planning App Development

Create a development environment
Improve app performance
Identify Splunk log files
Use security best practices
Create a data generator

Module 2 – Creating Apps

Define the web framework architecture
Identify ways to build Splunk apps
Manage apps and add-ons
Create an app
Configure app properties
Create app navigation

Module 3 – Adding Data

List types of data inputs
Identify ways to add data
Define when to use a scripted input
Create a modular input

Module 4 – Using the REST API

Explain how the Splunk REST API works
Define API endpoints
Explain how the KV Store works
Create a KV Store
Use lookups with a KV Store

Module 5 – Packaging Apps

Create an app setup screen
Define search time precedence
Explain local and default differences
Package an app