SPLK-SCI - Services: Core Implementation

This expert-level course is an immersive five-day assessment-based bootcamp used to give attendees the opportunity to cement their knowledge in working with the Splunk core platform effectively and at-scale using Professional Services (PS) best-practice techniques. This course represents a significant step-up in difficulty versus earlier courses in a Splunk consultant’s learning path. Passing the course is only possible if the required preparation and practice is put into place before attending.

Duration: 5.0

Enquire Now

Start learning today!

Click Hereto customize your Training


  • Splunk architecture
  • Monitoring Console
  • Configuration Management
  • Authentication, Authorization & LDAP integration
  • Collecting and forwarding data
  • Indexing and Searching
  • Clustering indexers
  • Clustering Search Heads


Module 1 – Deploying Splunk

  • Introduce the Splunk Validated Architectures

Module 2 — Monitoring Console

  • Discuss the best instance to configure as the Monitoring Console
  • Configure the MC for a single or distributed environment
  • Exame how the MC uses the server roles and groups assigned to instances
  • Discuss health checks and how they are run

Module 4 — Access and Roles

  • Discuss how to manage Deployment Server at scale
  • Identify authentication methods
  • Describe LDAP concepts and configuration
  • Discuss SAML and SSO options
  • Define roles and how they are used to protect data

Module 5 — Data Collection

  • Examine Splunk to Splunk (S2S) communication and the different ways data is sent from forwarder to indexer
  • Describe the types and configuration of data inputs
  • Discuss ways to troubleshoot data inputs

Module 6 — Indexing

  • Review indexing artifacts and locations
  • Discuss event processing and data pipelines
  • Understand the underlying text parsing and indexing process
  • Examine data retention controls

Module 7 — Search

  • Examine the inner-workings of a search
  • Discuss how to use search job inspection
  • Look at the different search types and how to maximize search efficiency
  • Review subsearches and how they work
  • Examine some sample searches and how to make them more efficient

Module 8 — Index Clustering

  • Provide an architecture overview
  • Describe deployment and component configuration
  • Review upgrade strategy
  • Discuss Data buckets and lifecycle
  • Examine failure modes and recovery processes
  • Introduce multi-site clustering
  • Explain migration procedures




To qualify for registration, candidates must hold all of the following certifications:

  • Splunk Core Certified Power User
  • Splunk Core Certified Advanced Power User*
  • Splunk Enterprise Certified Admin
  • Splunk Enterprise Certified Architect



Course Benefits

  • Career growth
  • Broad Career opportunities
  • Worldwide recognition from leaders
  • Up-to Date technical skills
  • Popular Certification Badges

Splunk Popular Courses


This "Fast Start" course covers over 60 commands and functions and prepares students to be search experts.


This course prepares security practitioners to use SOAR to respond to security incidents.


This course focuses on creating inputs, chain searches, event annotations, and improving dashboard performance.


This course focuses on dashboard creation, including prototyping, the dashboard definition, layouts types, adding visualizations, and dynamic coloring.
Enquire Now
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy