Trending Courses

Principals

Skip Navigation Links

Overview

This course is targeted towards Splunk On-call admins responsible for setting up incident response with Splunk On-Call. This 1-virtual day course describes the tasks required to set up on-call teams, including defining schedules, on-call rotations and shifts. Learn to set-up and configure alerts and integrations. Create post-incident review reports, track response metrics and customize reports. Use advanced features such as the Rules engine for advanced customization and configure webhook integrations. All concepts are taught using lectures and scenario-based hands-on activities.
img-course-overview.jpg

What You'll Learn

  • Set up Splunk On-Call teams
  • Set up integrations and configure alerts
  • Report on team activity and performance
  • Use the Rules engine to trigger custom alerts
  • Set up webhook integrations

Who Should Attend

img-who-should-learn.png

Prerequisites

-

Learning Journey

Coming Soon...

Module 1: Introduction and Planning

  • Identify features desirable in an incident response system
  • Create a plan for incident response
  • Describe the flow of a typical incident in Splunk On-Call
  • Describe the general layout of the UI / functionality
  • Explain the Splunk on-call concepts including:
      • Escalation Policies, Incidents, and Actions
  • Create new users
  • Create users paging (notification) policies
  • Plan on-call schedules

Module 2: Users, Teams, Rotations and Escalation Policies

  • Describe the Splunk On-Call setup flow
  • Differentiate between Splunk On-Call user roles
  • Create teams and add users using both the UI and API
  • Add and remove team managers
  • Create on-call schedules including shifts, rotations and members
  • Build Escalation Policies for incoming incidents

Module 3: Configuring Integrations and Alerts

  • Describe the purpose of a routing key
  • Explain the importance of naming conventions in creating routing keys and escalation policies
  • Create a routing key
  • Select appropriate external Monitoring System integrations
  • Configure 3 Splunk On-Call integrations

Module 4: Reporting on Team Activity and Performance

  • Differentiate between the types of reports
  • Create a post-incident review report
  • Track responses metrics
  • Customize on-call Review report
  • Track flow of incidents after the fact using the Incident
  • Frequency report (Enterprise edition only)

Module 5: Advanced Features

  • Use the Alert Rules Engine to add annotations to an incident
  • Use the Alert Rules Engine to transform an alert
  • Re-route or mute incidents based on content
  • Create outgoing Webhooks to extend product functionality
  • Use the public API portal to find details on the public API
  • Explain what data in Splunk On-Call can be maintained with Terraform

Instructors

Scott Duffy

Bestselling Azure & TOGAF® Trainer, Microsoft Azure MVP

4.8 (4.1k)
|
10 Courses
profile-instructor-a.png
Scott Duffy

Bestselling Azure & TOGAF® Trainer, Microsoft Azure MVP

4.8 (4.1k)
|
10 Courses
profile-instructor-a.png

Frequently Asked Questions (FAQs)

  • Why get Splunk certified?

    Splunk certifications validate your expertise in data analytics and your proficiency in using the Splunk platform.

    These certifications demonstrate your ability to leverage Splunk's powerful tools for data collection, analysis, and visualization, making you a valuable asset to organizations seeking to gain actionable insights from their data.

    Splunk-certified professionals are in high demand across various industries, including IT, security, and business analytics.

  • What to expect for the examination?

    Splunk offers a variety of certification exams at different levels, covering various domains and products within the Splunk platform.

    Exams typically consist of multiple-choice and scenario-based questions that assess your knowledge and skills in using Splunk to solve real-world problems.

    Note: Certification requirements and policies may be updated by Splunk from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.

  • How long is Splunk certification valid for?

    All Splunk certifications are valid for three years from the date of passing the highest-level certification exam.

    To maintain your certification, you will need to recertify before it expires. You have three options for recertification:

    - Pursue a higher-level certification (including any required prerequisite courses), in which case your lower-level certifications would also be renewed on the date of passing the next-level certification exam.

    - Retake a certification exam within the final year of their recertification window to renew their certifications at that level (and any applicable downstream certifications).

    - Complete continuing education courses at any point in the three year recertification window beginning the date of badge issuance.

    Note: Certification requirements and policies may be updated by Splunk from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.

  • Why take this course with Trainocate?

    Here’s what sets us apart:

    - Global Reach, Localized Accessibility: Benefit from our geographically diverse training hubs in 16 countries (and counting!).

    - Top-Rated Instructors: Our team of subject matter experts (with high average CSAT and MTM scores) are passionate to help you accelerate your digital transformation.

    - Customized Training Solutions: Choose from on-site, virtual classrooms, or self-paced learning to fit your organization and individual needs.

    - Experiential Learning: Dive into interactive training with our curated lesson plans. Participate in hands-on labs, solve real-world challenges, and take on comprehensive assessments.

    - Learn From The Best: With 30+ authorized training partnerships and countless awards from Microsoft, AWS, Google – you're guaranteed learning from the industry's elite.

    - Your Bridge To Success: We provide up-to-date course materials, helpful exam guides, and dedicated support to validate your expertise and elevate your career.

Keep Exploring

Course Curriculum

Training Schedule

Exam & Certification

Frequently Asked Questions

img-improve-career.jpg

Improve yourself and your career by taking this course.

More Courses By Splunk

Browse All Courses
img-get-info.jpg

Ready to Take Your Business from Great to Awesome?

Level-up by partnering with Trainocate. Get in touch today.

Name
Email
Phone
I'm inquiring for
Inquiry Details

By providing your contact details, you agree to our Privacy Policy.

Stay Connected. Be the first to Know.

Company

Principals

Services

Customer Service

© Copyright Trainocate 2024. All rights reserved.