Courses for Enterprise Security Customers

Learn to install, configure, manage, and use the Splunk App for Enterprise Security. Two learning paths cover both security analysts and Splunk administrators or architects.

Notice: The following courses; Using Splunk, Searching and Reporting with Splunk, Creating Splunk Knowledge Objects, and Splunk Infrastructure Overview are now replaced with Splunk Fundamentals 1 and Splunk Fundamentals 2 (see new learning path below). You can still register for the legacy courses for a very limited time. Use the links in this text to view more information about the legacy courses and register.

Click on a course below to view a full course description, class schedules, and register.

e-learning
required
recommended
Splunk Fundamentals 1
This self-paced course teaches you how to search and navigate in Splunk, use fields, get statics from your data, create reports, dashboards, lookups, and alerts. It will also introduce you to Splunk's datasets features and Pivot interface.
View topics and register ››
Splunk Fundamentals 2This four-virtual-day course focuses on additional SPL commands, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalizing data with the CIM.
View topics and register ››
Advanced Dashboards and Visualizations This 9 hour course is designed for power users who want to create advanced dashboards, forms, and visualizations. Edit simple XML, use tokens, event handlers, drilldowns, custom stylesheets and more.
View topics and register ››
Advanced Searching and Reporting with Splunk This 13 hour course takes the Splunk search language to the next level. Learn powerful advanced commands and lookup methods.
View topics and register ››
Using the Splunk App for Enterprise SecurityThis 3 virtual day course covers the use of Enterprise Security's dashboards, forms, and workflow to identify, find root cause, and resolve security issues.
View topics and register ››
Splunk Enterprise
System Administration
This 2 virtual day course is designed for system administrators who manage a Splunk Enterprise environment. Topics include Splunk license manager, indexers and search heads, configuration, management, and monitoring.
View topics and register ››
Splunk Enterprise
Data Administration
This 3 virtual day course is for data administrators who are responsible for getting data into Splunk. The course provides content about Splunk forwarders and methods to get remote data into Splunk.
View topics and register ››
Building Add-Ons
(e-learning)
This 1 hour course helps you leverage the Splunk Common Information Model to build Splunk Add-ons
View topics and register ››
Architecting and Deploying SplunkThis 9 hour course focuses on large enterprise deployments. Learn best practices for planning, data collection, sizing and documenting a distributed deployment. 
View topics and register ››
Administering the Splunk App for Enterprise Security
This 3 virtual day course prepares architects and systems administrators to install, configure and manage the Splunk App for Enterprise Security.
View topics and register ››