Implementing Splunk IT Service Intelligence
The Implementing Splunk IT Service Intelligence course prepares consultants to install and configure Splunk’s app for IT Service Intelligence (ITSI).
Students will learn to use ITSI to monitor mission-critical services. Topics include ITSI architecture, deployment planning, installation, service design and implementation, configuring entities, notable events, and developing glass tables and deep dives.
​
Splunk Credit Value : 200
Duration : 18 hours over 4 days
Time : 9:00 am - 1:30 pm AEST
​
*Course discounts apply for Splunk Partners. Please use the currency convertor above to check for course pricing in your local currency.
Implementing Splunk IT Service Intelligence - Course Topics
-
ITSI architecture and deployment
-
Installing ITSI
-
Designing Services – Discovery and best practices
-
Implementing services and entities
-
Configuring correlation searches and multi KPI alerts
-
Managing aggregration policies and anomaly detection
-
Troubleshooting and maintenance
Course Prerequisites
To be successful, the students should have a solid understanding of the following courses.
Splunk Fundamentals 3
or the following Single Subject Courses
-
What is Splunk
-
Intro to Splunk
-
Using Fields
-
Scheduling Reports and Alerts
-
Visualizations
-
Working with Time
-
Leveraging Lookups and Sub-searches
-
Correlation Analysis
-
Search Under the Hood
-
Search Optimization
-
Introduction to Knowledge Objects
-
Creating Knowledge Objects
-
Creating Field Extractions
-
Enriching Data with Lookups
-
Data Models
-
Introduction to Dashboards
-
Dynamic Dashboards
​
Students should also have completed the following courses.
Implementing Splunk IT Service Intelligence - Audience
Anyone whose role requires them to create complex search queries, advanced data models and reports with Splunk who have limited exposure to regular expressions. Previous attendees have included Consultants, IT Administrators and Business Intelligence/Business Analysts.
Class Format
Instructor-led lecture with labs. Delivered via virtual classroom or at your site
Related Certifications
After completing Implementing Splunk IT Service Intelligence course you will be able to
-
Identify and design ITSI Services and KPI’s
-
Understand customer requirements, and translate into an ITSI implementation
-
Design and Implement Glass Tables
-
Create and Manage Notable Events
-
Configure Adaptive Thresholds and Anomaly Detection
-
Customize Deep Dive views
-
Work with Entities and Dependencies.
Implementing Splunk IT Service Intelligence - Course Objectives
Module 1 - Introducing ITSI
-
Identify ITSI features
-
Describe reasons for using ITSI
-
Examine the ITSI user interface
Module 2 - Glass Tables
-
Describe glass tables
-
Use glass tables
-
Design glass tables
-
Configure glass tables
Module 3 - Managing Notable Events
-
Define key notable events terms and their relationships
-
Describe examples of multi – KPI Alerts
-
Describe the notable events workflow
-
Work with notable events
Module 4 - Investigating Issues with Deep Dives
-
Describe deep dive concepts and their relationships
-
Use default deep dives
-
Create and customize new custom deep dives
-
Add and configure swim lanes
-
Custom views
-
Describe effective workflows for troubleshooting
Module 5 - Installing and Configuring ITSI
-
List ITSI hardware recommendations
-
Describe ITSI deployment options
-
Identify ITSI components
-
Describe the installation procedure
-
Identify data input options for ITSI
-
Add custom data to an ITSI deployment
Module 6 - Designing Services
-
Given customer requirements, plan an ITSI Implementation
-
Identify site entities
Module 7 - Data Audit and Base Searches
-
Use a data audit to identify service key performance indicators
-
Design base searches
Module 8 – Implementing Services
-
Use a service design to implement services in ITSI
Module 9 – Thresholds and Time Policies
-
Create KPI’s with static and adaptive thresholds
-
Use Time policies to define flexible thresholds
Module 10 – Entities and Dependencies
-
Using entities in KPI Searches
-
Defining dependencies
Module 11 – Correlation and Multi KPI Searches
-
Define new correlation searches
-
Define Multi KPI Alerts
-
Manage notable event storage
Module 12 – Aggregation Policies
-
Create new aggregation policies
-
Use smart mode
Module 13 – Anomaly Detection
-
Enable anomaly detection
-
Work with generated anomaly events
Module 14 – Access Control
-
Configure user access control
-
Create services level teams
Module 15 - Troubleshooting ITSI
-
Backup and restore
-
Maintenance mode
Splunk Course Schedules and Timezones
Ingeniq Course are delivered live and in English and provide access to customers spanning multiple timezones.
​
Dates and times displayed for each course are relative to Australian Eastern Time (AET).
​
​
AM Marked Splunk Courses
AM marked courses start at AET 9:00am and finish at AET 1:30pm and are optimal for customers in the following countries and areas;
​
-
UTC+10 including Australia (East Coast)
-
UCT+11/+12 including New Zealand and the Pacific Islands
-
UTC-8 including USA (West Coast), Canada (West Coast)
-
UTC-7 including USA (Mid West)
PM Marked Splunk Courses
PM marked courses usually starts at AEDT 12:00pm or AEST 11:00 am and are optimal for customers in the following countries and areas;
​
-
UTC+10 including Australia (East Coast)
-
UCT+11/+12 including New Zealand and the Pacific Islands
-
UTC-8 including USA (West Coast), Canada (West Coast)
-
UTC-7 including USA (Mid West)
