Building Splunk Apps (BAWS)

 

Course Content

This 9-hour course focuses on Splunk app development. It's designed for advanced users, administrators, and developers who want to create apps for Splunk Enterprise and Splunk Cloud. Major topics include planning apps, building data generators, adding data, creating custom search commands and REST endpoints, using the KV Store, app vetting using AppInspect, and app packaging.

Who should attend

Advanced Splunk users, administrators, and developers.

Prerequisites

To be successful, students should have a solid understanding of the following modules:

  • Fundamentals 1 & 2 (Retired)
  • Creating Dashboards

Or the following single-subject modules:

Students should also understand the following modules:

Course Objectives

  • Planning Apps
  • Creating Apps
  • Adding Data
  • Enhancing Apps
  • Using the REST API
  • Packaging Apps

Outline: Building Splunk Apps (BAWS)

Topic 1 – Planning Apps

  • Set up a development environment
  • Improve app performance
  • Identify Splunk log files
  • Create a data generator

Topic 2 – Creating Apps

  • Create an app
  • Configure app properties
  • Create app navigation
  • Add app icons and logos

Topic 3 – Adding Data

  • Identify ways to add data
  • Explain modular vs scripted inputs
  • Understand data normalization
  • Review Add-on Builder

Topic 4 - Enhancing Apps

  • Review commonly used knowledge objects
  • Learn about custom alert actions
  • Build custom workflow actions
  • Develop custom search commands

Topic 5 - Using the REST API

  • Describe the Splunk REST API
  • Extend Splunk with custom REST endpoints
  • Review the KV Store and configuration
  • Maintain app state using the KV Store

Topic 6 – Packaging Apps

  • Create an app setup page
  • Define config file precedence
  • Validate an app for Cloud with AppInspect
  • Package an app

Prices & Delivery methods

Online Training

Duration
9 hours

Price
  • US$ 1,500
  • Splunk Training Units: 150 SPC
Enroll now
Request a date
Classroom Training

Duration
9 hours

Price
  • United States: US$ 1,500
  • Splunk Training Units: 150 SPC
Enroll now
Request a date

Click on town name or "Online Training" to book Schedule

This is an Instructor-Led Classroom course
Instructor-led Online Training:   This is an Instructor-Led Online (ILO) course. These sessions are conducted via WebEx in a VoIP environment and require an Internet Connection and headset with microphone connected to your computer or laptop.

Slovenia

 Online Training Time zone: Europe/Berlin Enroll