Building Splunk Apps

This two-virtual day course focuses on Splunk app development. It's designed for power users, administrators, and app developers, who want to create powerful, interactive apps using the Splunk Web Framework. Major topics include simple XML, the SplunkJS Stack, KV Store, REST API, app setup screens, navigation, tokens, and packaging an app.

View schedule »

Download course description »

Upcoming Classes

Course Topics

  • Introduction to Splunk Apps
  • Planning App Development
  • Adding Data
  • Creating Apps
  • Creating SplunkJS Views
  • Creating a KV Store
  • Using the Splunk REST API
  • Packaging Apps

Course Prerequisites


  • Splunk Fundamentals 1 & 2
  • Advanced Searching & Reporting
  • Advanced Dashboards & Visualizations

Recommended Skills

  • Six month's experience using the Splunk search language
  • Experience with HTML, CSS, and XML
  • Experience with JavaScript
  • Using a terminal emulator

Class Format

Instructor-led lecture with labs. Delivered via virtual classroom or at your site.

Course Objectives

Lesson 1 - Introduction to Splunk Apps

  • Define the web framework architecture
  • Identify types of Splunk apps
  • Manage apps and add-ons

Lesson 2 - Planning App Development

  • Setup a development environment
  • Improve app performance
  • Define types of logging
  • Identify security best practices

Lesson 3 - Creating Apps

  • Create a simple XML app
  • Define the app directory structure
  • Create a custom visualization
  • Add navigation, icons, and logos

Lesson 4 - Adding Data

  • Identify types of data inputs
  • Explain how data inputs work
  • Create a data input
  • Create a data generator

Lesson 5 - Creating SplunkJS Stack Views

  • Name three ways to add SplunkJS Views
  • Identify types of search managers
  • Create a view using SplunkJS Stack
  • Define token syntax and models
  • Describe HTML conversion process and result

Lesson 6 - Creating a KV Store

  • Define what is a KV Store
  • Create a KV Store
  • Use lookups with a KV Store

Lesson 7 - Using the Splunk REST API

  • Explain how the Splunk REST API works
  • Define API endpoints
  • Create an app setup screen

Lesson 8 - Packaging Apps

  • Create app navigation
  • Describe config file precedence
  • Package an app
  • Compare types of app certification