Developing with Splunk's Java and Python SDKs

This nine-hour course teaches you to use Splunk's REST API and Java and Python SDKs to bring new data into Splunk, remotely create and interact with Splunk objects such as ad-hoc and saved searches, and more. Learn to interact directly with the Splunk REST API, and learn best practices for development: when the SDKs are the right choice versus REST or other Splunk built-in tools.

Course Topics

  • Exploring the REST API and SDKs
  • Connection and authentication
  • Object management and simple searching
  • Advanced searching
  • Handling search jobs and results
  • Writing data to Splunk

Class Format

Instructor-led lecture with labs. Delivered via virtual classroom or at your site.


Prerequisites

  • Using Splunk, Splunk Architecture Overview
  • Searching and Reporting with Splunk strongly recommended
  • Experience in developing with Java or Python programming languages

Course Objectives

Lesson 1 - Overview

  • Understand the REST API and Splunk SDKs
  • Identify other Splunk development tools
  • Use REST endpoints in simple scripts
  • Understand the User/App context

Lesson 2 - Exploring the REST API and SDKs

  • Install the Java SDK
  • Install the Python SDK
  • Explore SDK packages

Lesson 3 - Connection and Authentication

  • Understand connection and authentication
  • Understand the authentication process
  • Use authentication tokens for multi-step operations
  • Understand connection operations

Lesson 4 - Object Management

  • List Splunk objects
  • Create and edit Splunk objects

Lesson 5 - Basic Searching

  • Understand basic search language syntax and search best practices
  • Execute a search using the oneshot method
  • Retrieve search results and display them on screen

Lesson 6 - Advanced Searching

  • Identify types of searches
  • Create normal, export, and real-time searches
  • Create and run a saved search

Lesson 7 - Search Jobs and Results

  • Managing jobs
  • Traversing large result sets
  • Count and Offset management
  • Handling real-time jobs
  • Managing Alerts

Lesson 8 - Writing Data to Splunk

  • Create and manage indexes
  • Identify best practices for writing data
  • Use Input classes to add data to indexes
  • Use direct input methods to add data to indexes