Course Description

This two-virtual day course focuses on Splunk app development. It's designed for power users, administrators, and app developers, who want to create powerful, interactive apps using the Splunk Web Framework. Major topics include simple XML, the SplunkJS Stack, KV Store, REST API, app setup screens, navigation, tokens, and packaging an app.

Instructor-led Training Schedule
 Start Date  Start Time  Time Zone
09-May-18 09:00 AM (GMT-07:00) Arizona
10-May-18 09:00 AM (GMT+01:00) Brussels, Copenhagen, Madrid, Paris
05-Jun-18 09:00 AM (GMT-05:00) Eastern Time (US & Canada)
28-Jun-18 09:00 AM (GMT-07:00) Arizona
23-Jul-18 09:00 AM (GMT-07:00) Arizona
View Schedule

Course Prerequisites

Classes:

  • Splunk Fundamentals 1 & 2
  • Advanced Searching & Reporting (strongly recommended)
  • Advanced Dashboards & Visualizations

Recommended Skills:

  • Six month's experience using the Splunk search language
  • Experience with HTML, CSS, and XML
  • Experience with JavaScript
  • Using a terminal emulator

Course Topics

  • Introduction to Splunk Apps
  • Planning App Development
  • Adding Data
  • Creating Apps
  • Creating SplunkJS Views
  • Creating a KV Store
  • Using the Splunk REST API
  • Packaging Apps
Course Objectives

Module 1 – Introduction to Splunk Apps

  • Define the web framework architecture
  • Identify ways to build Splunk apps
  • Manage apps and add-ons

Module 2 – Planning App Development

  • Setup a development environment
  • Improve app performance
  • Identify Splunk log files
  • Use security best practices
  • Create a data generator

Module 3 – Creating Apps

  • Create an app
  • Define the app directory structure
  • Configure app properties
  • Create app navigation
  • Assign app icons, and logos

Module 4 – Adding Data

  • List types of data inputs
  • Define three ways to add data
  • Use the Splunk Add-on Builder
  • Create a modular input

Module 5 – Using SplunkJS Stack 

  • Name three ways to add SplunkJS Views
  • Identify types of search managers 
  • Define token syntax and models
  • Create a SplunkJS dashboard

Module 6 – Using the Splunk REST API 

  • Explain how the Splunk REST API works
  • Define API endpoints
  • Create an app setup screen

Module 7 – Creating a KV Store

  • Define what is a KV Store
  • Create a KV Store
  • Use lookups with a KV Store 
  • Explain how to monitor KV store activity

Module 8 – Packaging Apps

  • Define search time precedence
  • Explain local and default differences
  • Package an app
  • Compare types of app certification