top of page
Splunk Training Provider Authorised Learning Partner Australia

Implementing Splunk IT Service Intelligence

The Implementing Splunk IT Service Intelligence course prepares consultants to install and configure Splunk’s app for IT Service Intelligence (ITSI).

 

Students will learn to use ITSI to monitor mission-critical services. Topics include ITSI architecture, deployment planning, installation, service design and implementation, configuring entities, notable events, and developing glass tables and deep dives.

Splunk Credit Value : 200

Duration : 18 hours over 4 days

Time : 9:00 am - 1:30 pm AEST

*Course discounts apply for Splunk Partners. Please use the currency convertor above to check for course pricing in your local currency.

Implementing Splunk IT Service Intelligence
BOOK NOW.png
CONTACT US (3).png

Enquiry Form

Let us know what you're after

Thanks for submitting!

Great attitude to the students, encourage questions. always attempt his best to answer them. there is a lot of material but he strive through it. willingness to go beyond to do his job, well done.

Participant, Cluster Administration

Implementing Splunk IT Service Intelligence

Implementing Splunk IT Service Intelligence - Course Topics

  • ITSI architecture and deployment

  • Installing ITSI

  • Designing Services – Discovery and best practices

  • Implementing services and entities

  • Configuring correlation searches and multi KPI alerts

  • Managing aggregration policies and anomaly detection

  • Troubleshooting and maintenance

Course Prerequisites

To be successful, the students should have a solid understanding of the following courses.

 

Splunk Fundamentals 1

Splunk Fundamentals 2

Splunk Fundamentals 3

or the following Single Subject Courses

  • What is Splunk

  • Intro to Splunk

  • Using Fields

  • Scheduling Reports and Alerts

  • Visualizations

  • Working with Time

  • Leveraging Lookups and Sub-searches

  • Correlation Analysis

  • Search Under the Hood

  • Search Optimization

  • Introduction to Knowledge Objects

  • Creating Knowledge Objects

  • Creating Field Extractions

  • Enriching Data with Lookups

  • Data Models

  • Introduction to Dashboards

  • Dynamic Dashboards

Students should also have completed the following courses.

Splunk Enterprise System Administration

Splunk Enterprise Data Administration

Implementing Splunk IT Service Intelligence - Audience

Anyone whose role requires them to create complex search queries, advanced data models and reports with Splunk who have limited exposure to regular expressions. Previous attendees have included Consultants, IT Administrators and Business Intelligence/Business Analysts.

Class Format

Instructor-led lecture with labs. Delivered via virtual classroom or at your site

Related Certifications

After completing Implementing Splunk IT Service Intelligence course you will be able to

  • Identify and design ITSI Services and KPI’s

  • Understand customer requirements, and translate into an ITSI implementation

  • Design and Implement Glass Tables

  • Create and Manage Notable Events

  • Configure Adaptive Thresholds and Anomaly Detection

  • Customize Deep Dive views

  • Work with Entities and Dependencies.

Implementing Splunk IT Service Intelligence

Implementing Splunk IT Service Intelligence - Course Objectives

Module 1 - Introducing ITSI

  • Identify ITSI features

  • Describe reasons for using ITSI

  • Examine the ITSI user interface

Module 2 - Glass Tables

  • Describe glass tables

  • Use glass tables

  • Design glass tables

  • Configure glass tables

Module 3 - Managing Notable Events

  • Define key notable events terms and their relationships

  • Describe examples of multi – KPI Alerts

  • Describe the notable events workflow

  • Work with notable events

Module 4 - Investigating Issues with Deep Dives

  • Describe deep dive concepts and their relationships

  • Use default deep dives

  • Create and customize new custom deep dives

  • Add and configure swim lanes

  • Custom views

  • Describe effective workflows for troubleshooting

Module 5 - Installing and Configuring ITSI

  • List ITSI hardware recommendations

  • Describe ITSI deployment options

  • Identify ITSI components

  • Describe the installation procedure

  • Identify data input options for ITSI

  • Add custom data to an ITSI deployment

Module 6 - Designing Services

  • Given customer requirements, plan an ITSI Implementation

  • Identify site entities

Module 7 - Data Audit and Base Searches

  • Use a data audit to identify service key performance indicators

  • Design base searches

Module 8 – Implementing Services

  • Use a service design to implement services in ITSI

Module 9 – Thresholds and Time Policies

  • Create KPI’s with static and adaptive thresholds

  • Use Time policies to define flexible thresholds

Module 10 – Entities and Dependencies

  • Using entities in KPI Searches

  • Defining dependencies

Module 11 – Correlation and Multi KPI Searches

  • Define new correlation searches

  • Define Multi KPI Alerts

  • Manage notable event storage

Module 12 – Aggregation Policies

  • Create new aggregation policies

  • Use smart mode

Module 13 – Anomaly Detection

  • Enable anomaly detection

  • Work with generated anomaly events

Module 14 – Access Control

  • Configure user access control

  • Create services level teams

Module 15 - Troubleshooting ITSI

  • Backup and restore

  • Maintenance mode

Splunk Course Schedules and Timezones

Ingeniq Course are delivered live and in English and provide access to customers spanning multiple timezones.

Dates and times displayed for each course are relative to Australian Eastern Time (AET).

AM Marked Splunk Courses

AM marked courses start at AET 9:00am and finish at AET 1:30pm and are optimal for customers in the following countries and areas;

  • UTC+10 including Australia (East Coast)

  • UCT+11/+12 including New Zealand and the Pacific Islands

  • UTC-8 including USA (West Coast), Canada (West Coast)

  • UTC-7 including USA (Mid West)

PM Marked Splunk Courses

PM marked courses usually starts at AEDT 12:00pm or AEST 11:00 am and are optimal for customers in the following countries and areas;

  • UTC+10 including Australia (East Coast)

  • UCT+11/+12 including New Zealand and the Pacific Islands

  • UTC-8 including USA (West Coast), Canada (West Coast)

  • UTC-7 including USA (Mid West)

Implementing Splunk IT Service Intelligence - Upcoming Courses