Using Enterprise Security Training delivered by INGENIQ Using Splunk Enterprise Security The Using Splunk Enterprise Security course prepares security practitioners to track security incidents, analyse security risks, use predictive analytics, and threat discovery. The Using Splunk Enterprise Security course covers the use of Enterprise Security’s dashboards, forms and workflow to identify, find root cause and resolve security issues. Splunk Credit Value : 150 Duration : 13.5 hours over 3 days Time : 9:00 am - 1:30 pm AEST *Course discounts apply for Splunk Partners. Please use the currency convertor above to check for course pricing in your local currency. Enquiry Form Let us know what you're after Courses for me Certifications for me Courses for my team Dedicated courses for my teams Training Tracks for my Company Dedicated courses for my Company Training Packs Using Splunk Training Credits Submit Thanks for submitting! The instructor spoke with clarity, not rushed. Top class, enjoyed. Participant, Using Splunk Enterprise Security Using Splunk Enterprise Security - Course Topics ES concepts, features, and capabilities Assets and identities Security monitoring and Incident investigation Use risk-based alerting and risk analysis Use investigation workbench, timelines, list and summary tools Detecting known types of threats Monitoring for new types of threats Using analytical tools Analyse user behavior for insider threats Use threat intelligence tools Use protocol intelligence and live stream data Course Prerequisites To be successful, students should have a solid understanding of the following courses: What is Splunk? Intro to Splunk Using Fields Visualizations Search Under the Hood Intro to Knowledge Objects Introduction to Dashboards Using Splunk Enterprise Security - Audience Anyone whose role includes using the Splunk App for Enterprise Security. Previous attendees have included Pre-Sales Consultants, Security Sales Engineers, IT Security and Risk Analysts, Security Operations Centre (SOC) staff Class Format Instructor-led lecture with labs. Delivered via virtual classroom or at your site After completing Using Splunk Enterprise Security course you will be able to Detect, identify, and investigate security related threats. Take ownership of incidents, and move through the investigation workflow. Use asset and identity investigator swim lanes to analyse security related events. Use advanced Threat network analysis reports to analyse your network environment. Detect suspicious user activity and access patterns. Understand the threat intelligence framework and use it to identify internal and external threats. Use ES protocol intelligence to analyse captured stream data. Using Splunk Enterprise Security - Course Objectives Module 1 – Getting Started with ES Describe the features and capabilities of Splunk Enterprise Security (ES) Explain how ES helps security practioners prevent, detect, and respond to threats Describe correlation searches, data models and notable events Describe user roles in ES Log into Splunk Web and access Splunk for Enterprise Security Module 2 – Security Monitoring and Incident Investigation Use the Security Posture dashboard to monitor enterprise security status Use the Incident Review dashboard to investigate notable events Take ownership of an incident and move it through the investigation workflow Use adaptive response actions during incident investigation Create notable events Suppress notable events Module 3 – Risk-based Alerting Give an overview of Risk-Based Alerting View Risk Notables and risk information on the Incident Review dashboard Explain risk scores and how to change an object's risk score Review the Risk Analysis dashboard Describe annotations Describe the process for retrieving LDAP data for an asset or indentify lookup Module 4 – Investigations Use investigations to manage incident response activity Use the investigation Workbench to manage, visualize and coordinate incident investigations Add various items to investigations (notes, action history, collaborators, events, assets, identities, files and URLs) Use investigation timelines, lists and summaries to document and review breach analysis and mitigation efforts Module 5 – Using Security Domain Dashboard Use ES to inspect events containing information relevant to active or past incident investigation Identify security domains in ES Use ES security domain dashboards Launch security domain dashboards from incident Review and from action menus in search results Module 6 – Web Intelligence Use the web intelligence dashboards to analyze your network environment Filter ad highlight events Module 7 – User Intelligence Evaluate the level of insider threat with the user activity and access anomaly dashboards Understand asset and identity concepts Use the Asset and identify Investigator to analyze events Use the session center for identity resolution Discuss Splunk User Behavior Analytics (UBA) integration Module 8 – Threat Intelligence Give an overview of the Threat Intelligence framework abd how threat intel is configured in ES Use the Threat Activity dashboard to see which threat sources are interacting with your environment Use the Threat Artifacts dashboard to examine the status of threat intelligence information in your environment Module 9 – Protocol Intelligence Explain how network data is input into Splunk events Describe Stream events Give an overview of the Protocol intelligence dashboards and how they can be used to analyse network data Splunk Course Schedules and Timezones Ingeniq Course are delivered live and in English and provide access to customers spanning multiple timezones. Dates and times displayed for each course are relative to Australian Eastern Time (AET). AM Marked Splunk Courses AM marked courses start at AET 9:00am and finish at AET 1:30pm and are optimal for customers in the following countries and areas; UTC+10 including Australia (East Coast) UCT+11/+12 including New Zealand and the Pacific Islands UTC-8 including USA (West Coast), Canada (West Coast) UTC-7 including USA (Mid West) PM Marked Splunk Courses PM marked courses usually starts at AEDT 12:00pm or AEST 11:00 am and are optimal for customers in the following countries and areas; UTC+10 including Australia (East Coast) UCT+11/+12 including New Zealand and the Pacific Islands UTC-8 including USA (West Coast), Canada (West Coast) UTC-7 including USA (Mid West) Using Splunk Enterprise Security - Upcoming Courses Using Splunk Enterprise Security (V8): Starts June 10 to 12, 2026 Price USD 1,500.00 Using Splunk Enterprise Security (V8): Starts April 29 to May 1, 2026 Course Closed Using Splunk Enterprise Security (V8): Starts March 16 to 18, 2026 Course Closed

Splunk Enterprise Certified Architect Splunk Certification | INGENIQ Splunk Enterprise Certified Architect As part of Splunk Certification, a Splunk Enterprise Certified Architect has a thorough understanding of Splunk Deployment Methodology and best-practices for planning, data collection, and sizing for a distributed deployment and is able to manage and troubleshoot a standard distributed deployment with indexer and search head clustering. This certification demonstrates an individual’s ability to deploy, manage and troubleshoot complex Splunk Enterprise environments. The prerequisite courses listed below through Data and System Administration are highly recommended, but not required for candidates to register for the Splunk certification exam. All candidates who wish to access the exam must be Splunk Enterprise Certified Admin and complete the Architecting Splunk Enterprise Deployments, Troubleshooting Splunk Enterprise, Cluster Administration, and Splunk Enterprise Deployment Practical Lab courses. Enquiry Form Let us know what you're after Courses for me Certifications for me Courses for my team Dedicated courses for my teams Training Tracks for my Company Dedicated courses for my Company Training Packs Using Splunk Training Credits Submit Thanks for submitting! Learning Path Paid Training Paid Cert Exam Cert Exam - Splunk Core Certfied Power User Cert Exam - Splunk Enterprise Certified Admin Troubleshooting Splunk Enterprise Splunk Enterprise Cluster Administration Architecting Splunk Enterprise Deployments Splunk Enterprise Practical Lab (Splunk run course) Cert Exam - Splunk Enterprise Certified Architect Splunk Certifications Exam When you’re ready to take a Splunk Certification exam, please view the Exam-Registration-Tutorial for registration assistance. As a reminder, each exam attempt costs US$125. Bulk registration vouchers can be purchased at a discounted price of five registrations for US$500. How to register for your exam There are three ways to purchase a PearsonVUE registration voucher: 1) Directly from PearsonVUE This is the most streamlined approach. Follow the steps for account creation and exam registration provided at www.pearsonvue.com/splunk Payment will be collected at the time of registration. You can also visit the Pearson VUE voucher store for direct purchase. 2) From Splunk (as an individual) Log into your existing account at Splunk.com/Education to purchase a registration code. Payment can be made via credit card or existing Splunk Education credits. Splunk will email you a unique registration code, which can be used for registration at www.pearsonvue.com/splunk . 3) From Splunk (as an account) Your Splunk Sales Rep can add certification exams to any deal. Once the number of vouchers has been requested, Splunk will email your unique registration codes, which can be used for registration at www.pearsonvue.com/splunk All scheduled exams are subject to a minimum 24-hour cancellation and/or rescheduling policy. Failure to cancel or reschedule an exam within this timeframe results in forfeiture of registration fee. One of the best trainers I've had - keeps content relevant & explains the tasks in easily understood language. Extremely knowledgeable in all fields relating to the content. Well paced & accommodated to everyone's questions & progress. Participant, Splunk Enterprise Data Administration

Splunk Core Certified Enterprise Security Administrator Splunk Certification | INGENIQ Splunk Certified Enterprise Security Administrator As part of Splunk Certification, a Splunk Certified Enterprise Security Admin manages a Splunk Enterprise Security environment, including ES event processing and normalisation, deployment requirements, technology add-ons, settings, risk analysis settings, threat intelligence, protocol intelligence configuration and customisations. This Splunk Certification demonstrates an individual’s ability to install, configure and manage a Splunk Enterprise Security deployment. Please note: There are two approved coursework paths for this Splunk Certification track. Candidates may complete either Splunk Enterprise System Administration and Splunk Enterprise Data Administration or Splunk Cloud Administration as part of this Splunk Certification track. Enquiry Form Let us know what you're after Courses for me Certifications for me Courses for my team Dedicated courses for my teams Training Tracks for my Company Dedicated courses for my Company Training Packs Using Splunk Training Credits Submit Thanks for submitting! Learning Path Paid Training Paid Cert Exam Splunk Enterprise System Administration Splunk Enterprise Data Administration Splunk Cloud Administration Administering Splunk Enterprise Security Cert Exam - Splunk Core Certified Enterprise Security Admin Splunk Certifications Exam When you’re ready to take a Splunk Certification exam, please view the Exam-Registration-Tutorial for registration assistance. As a reminder, each exam attempt costs US$125. Bulk registration vouchers can be purchased at a discounted price of five registrations for US$500. How to register for your exam There are three ways to purchase a PearsonVUE registration voucher: 1) Directly from PearsonVUE This is the most streamlined approach. Follow the steps for account creation and exam registration provided at www.pearsonvue.com/splunk Payment will be collected at the time of registration. You can also visit the Pearson VUE voucher store for direct purchase. 2) From Splunk (as an individual) Log into your existing account at Splunk.com/Education to purchase a registration code. Payment can be made via credit card or existing Splunk Education credits. Splunk will email you a unique registration code, which can be used for registration at www.pearsonvue.com/splunk . 3) From Splunk (as an account) Your Splunk Sales Rep can add certification exams to any deal. Once the number of vouchers has been requested, Splunk will email your unique registration codes, which can be used for registration at www.pearsonvue.com/splunk All scheduled exams are subject to a minimum 24-hour cancellation and/or rescheduling policy. Failure to cancel or reschedule an exam within this timeframe results in forfeiture of registration fee. One of the best trainers I've had - keeps content relevant & explains the tasks in easily understood language. Extremely knowledgeable in all fields relating to the content. Well paced & accommodated to everyone's questions & progress. Participant, Splunk Enterprise Data Administration

Creating Field Extractions - Splunk Education Single Subject Course Training. Creating Field Extractions The Splunk Education single-subject course module, Creating Field Extractions is for knowledge managers who want to learn about field extraction and the Field Extractor (FX) utility. Topics will cover when certain fields are extracted and how to use the FX to create regex and delimited field extractions. Splunk Credit Value : 50 Duration : 3 hours Time : 9:00 am - 12:00 pm AEST Please use the currency convertor above to check for course pricing in your local currency. Enquiry Form Let us know what you're after Courses for me Certifications for me Courses for my team Dedicated courses for my teams Training Tracks for my Company Dedicated courses for my Company Training Packs Using Splunk Training Credits Submit Thanks for submitting! The instructor was very responsive to questions and queries both private and Communal.. Final module collaborative lab walkthrough on screen was particularly helpful. Participant, Splunk Fundamentals 2 Creating Field Extractions - Course Topics Using the Field Extractor Creating Regex Field Extractions Creating Delimited Field Extractions Class Format Instructor-led lecture with labs. Delivered via virtual classroom or at your site Course Prerequisites To be successful, students must have completed these Splunk Education course(s) or have equivalent working knowledge: How Splunk works Knowledge objects Creating Field Extractions - Audience Knowledge Manager learning path. Creating Field Extractions - Course Objectives Topic 1 – Using the Field Extractor Understand types of extracted fields and when they are extracted Explore the Splunk Web Field Extractor (FX) Topic 2 – Creating Regex Field Extractions Identify basics of regular expressions (regex) Understand the regex field extraction workflow Edit regex for field extractions Topic 3 - Creating Delimited Field Extractions Identify delimited field values in event data Understand the delimited field extraction workflow Splunk Course Schedules and Timezones Splunk Course are delivered live and in English and provide access to customers spanning multiple timezones. Dates and times displayed for each course are relative to Australian Eastern Time (AET). AM Marked Splunk Courses AM marked courses start at AET 9:00am and finish at AET 1:30pm and are optimal for customers in the following countries and areas; UTC+10 including Australia (East Coast) UCT+11/+12 including New Zealand and the Pacific Islands UTC-8 including USA (West Coast), Canada (West Coast) UTC-7 including USA (Mid West) PM Marked Splunk Courses PM marked courses usually starts at AEDT 12:00pm or AEST 11:00 am and are optimal for customers in the following countries and areas; UTC+10 including Australia (East Coast) UCT+11/+12 including New Zealand and the Pacific Islands UTC-8 including USA (West Coast), Canada (West Coast) UTC-7 including USA (Mid West) Creating Field Extractions - Upcoming Schedule We don’t have any products to show here right now.

Splunk Pick n Mix | Splunk Training Pack delivered by INGENIQ Splunk Pick'n Mix Splunk Training Pack#7 Splunk Pick'n Mix Learn more, for less.. Ingeniq Splunk Training Packs are a collections of courses that when purchased together qualify for discounts of up to 25%. Splunk Training Packs apply to all Training Tracks and Certifications – in fact to any combination of courses purchased together from Ingeniq. Pick any combination of courses and add to your training pack purchase and they’ll qualify for up to 25% discounts. Call our Training Consultants now on 1300 245 802 or email sales@ingeniq.com.au to have this training pack tailored to you or your team' s requirements. Splunk Training Pack Courses Splunk Fundamentals 1 This self-paced e-learning teaches you how to search and navigate in Splunk, use fields, get statistics from your data, create reports, dashboards, lookups, and alerts. It will also introduce you to Splunk’s datasets features and Pivot interface. This class is provided as free e-learning, to register click on this link to be directed to the Splunk training website: https://www.splunk.com/view/education/SP-CAAAAH9 Splunk Fundamentals 2 This course focuses on searching and reporting commands as well as on the creation of knowledge objects. Major topics include using transforming commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalising data with the Common Interface Model (CIM). Splunk Fundamentals 3 This course runs over 4 days and focuses on additional search commands as well as advanced use of knowledge objects. Major topics include advanced statistics and eval commands, advanced lookup topics, advanced alert actions, using regex and erex to extract fields, using spath to work with self-referencing data, creating nested macros and macros with event types, accelerating reports and data models. Administering Enterprise Security This 13.5 hour course prepares architects and systems administrators to install, configure and manage Splunk Enterprise Security. It covers ES event processing and normalization, deployment requirements, technology add-ons, settings, risk analysis settings, threat intelligence and protocol intelligence configuration, and customisations. Advanced Searching & Reporting This 13.5 hour Splunk course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts. Students are coached step by step through complex searches to produce final results. Splunk Enterprise System Administration This virtual 9 hour course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides fundamental knowledge of Splunk license manager, indexers and search heads. It covers configuration, management and monitoring core Splunk Enterprise components. Splunk Enterprise Data Administration This virtual 9 hour course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides fundamental knowledge of Splunk license manager, indexers and search heads. It covers configuration, management and monitoring core Splunk Enterprise components. Architecting Enterprise Deployments This 9 hour Splunk course focuses on large enterprise deployments. Students will learn steps and best practices for planning, data collection and sizing for a distributed deployment. Workshop-style labs challenge students to make design decisions about an example enterprise deployment. Troubleshooting Splunk This 2 day course is designed for Splunk administrators. It covers topics and techniques for troubleshooting a standard Splunk distributed deployment using the tools available on Splunk Enterprise. Cluster Administration This 3 day course is for an experienced Splunk Enterprise administrator who is new to Splunk Clusters. The course provides the fundamental knowledge of deploying and managing Splunk Enterprise in a clustered environment. It covers installation, configuration, management and monitoring of Splunk clusters. Using Enterprise Security This 3 virtual day course (13.5 hours) prepares security practitioners to track security incidents, analyse security risks, use predictive analytics, and threat discovery. It covers the use of Enterprise Security’s dashboards, forms and workflow to identify, find root cause and resolve security issues. This 4 day virtual course prepares consultants to install and configure Splunk’s app for IT Service Intelligence (ITSI). Students will learn to use ITSI to monitor mission-critical services. Topics include ITSI architecture, deployment planning, installation, service design and implementation, configuring entities, notable events, and developing glass tables and deep dives. Implementing IT Service Intelligence Splunk Certifications Exam When you’re ready to take a Splunk Certification exam, please view the Exam-Registration-Tutorial for registration assistance. As a reminder, each exam attempt costs US$125. Bulk registration vouchers can be purchased at a discounted price of five registrations for US$500. How to register for your exam There are three ways to purchase a PearsonVUE registration voucher: 1) Directly from PearsonVUE This is the most streamlined approach. Follow the steps for account creation and exam registration provided at www.pearsonvue.com/splunk Payment will be collected at the time of registration. You can also visit the Pearson VUE voucher store for direct purchase. 2) From Splunk (as an individual) Log into your existing account at Splunk.com/Education to purchase a registration code. Payment can be made via credit card or existing Splunk Education credits. Splunk will email you a unique registration code, which can be used for registration at www.pearsonvue.com/splunk . 3) From Splunk (as an account) Your Splunk Sales Rep can add certification exams to any deal. Once the number of vouchers has been requested, Splunk will email your unique registration codes, which can be used for registration at www.pearsonvue.com/splunk All scheduled exams are subject to a minimum 24-hour cancellation and/or rescheduling policy. Failure to cancel or reschedule an exam within this timeframe results in forfeiture of registration fee. One of the best trainers I've had - keeps content relevant & explains the tasks in easily understood language. Extremely knowledgeable in all fields relating to the content. Well paced & accommodated to everyone's questions & progress. Participant, Splunk Enterprise Data Administration

Splunk Education, Training and Professional Services Provider Architects Learn concepts and best practices for sizing, scaling, and deploying Splunk across your organisation. Architects Track Courses Splunk Fundamentals 1 Splunk Fundamentals 2 Creating Dashboards with Splunk Splunk Fundamentals 3 Advanced Searching and Reporting Splunk Enterprise System Administration Splunk Enterprise Data Administration Troubleshooting Splunk Enterprise Splunk Enterprise Cluster Administration Architecting Splunk Enterprise Deployments Administering Splunk Enterprise Security Architect Certification Lab Exam The lab is facilitated by a live instructor via virtual classroom. Participants are allowed 24 hours continuous access to the servers to complete the requirements. A live instructor is available for the first 4 hours for direct facilitation. The lab exam is run by Splunk Education, registration for the lab exam needs to be completed through the Splunk website using the link below: https://www.splunk.com/view/SP-CAAAH9R One of the best trainers I've had - keeps content relevant & explains the tasks in easily understood language. Extremely knowledgeable in all fields relating to the content. Well paced & accommodated to everyone's questions & progress. Participant, Splunk Enterprise Data Administration

Splunk Enterprise Architect | Splunk Training Pack delivered by INGENIQ Splunk Enterprise Architect Splunk Training Pack#3 Splunk Enterprise Architect Learn more, for less.. Ingeniq Splunk Training Packs are a collections of courses that when purchased together qualify for discounts of up to 25%. Splunk Training Packs apply to all Training Tracks and Certifications – in fact to any combination of courses purchased together from Ingeniq. Buy Splunk Training Pack#3 and you’ll sit all the courses you need to be certified as a Splunk Enterprise Architect. A Splunk Enterprise Certified Architect has a thorough understanding of Splunk Deployment Methodology and best-practices for planning, data collection, and sizing for a distributed deployment and is able to manage and troubleshoot a standard distributed deployment with indexer and search head clustering. Call our Training Consultants now on 1300 245 802 or email sales@ingeniq.com.au to have this training pack tailored to you or your team' s requirements. Splunk Training Pack Courses Architecting Splunk Enterprise Deployments This 9 hour Splunk course focuses on large enterprise deployments. Students will learn steps and best practices for planning, data collection and sizing for a distributed deployment. Workshop-style labs challenge students to make design decisions about an example enterprise deployment. Troubleshooting Splunk Enterprise This 2 day course is designed for Splunk administrators. It covers topics and techniques for troubleshooting a standard Splunk distributed deployment using the tools available on Splunk Enterprise. Splunk Enterprise Cluster Administration This 3 day course is for an experienced Splunk Enterprise administrator who is new to Splunk Clusters. The course provides the fundamental knowledge of deploying and managing Splunk Enterprise in a clustered environment. It covers installation, configuration, management and monitoring of Splunk clusters. Cert Exam - Splunk Enterprise Architect [USD125] There are three ways to purchase a PearsonVUE registration voucher: Directly from PearsonVUE From Splunk (as an individual) From Splunk (as an account) Full instructions below. Addon & Save!! Splunk Fundamentals 2 This course focuses on searching and reporting commands as well as on the creation of knowledge objects. Major topics include using transforming commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalising data with the Common Interface Model (CIM). Splunk Fundamentals 3 This course runs over 4 days and focuses on additional search commands as well as advanced use of knowledge objects. Major topics include advanced statistics and eval commands, advanced lookup topics, advanced alert actions, using regex and erex to extract fields, using spath to work with self-referencing data, creating nested macros and macros with event types, accelerating reports and data models. Advanced Searching and Reporting This 13.5 hour Splunk course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts. Students are coached step by step through complex searches to produce final results. Splunk Enterprise System Administration This virtual 9 hour course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides fundamental knowledge of Splunk license manager, indexers and search heads. It covers configuration, management and monitoring core Splunk Enterprise components. Splunk Enterprise Data Administration This virtual 13.5 hour course is designed for system administrators who are responsible for getting data into Splunk Indexers. Splunk Certifications Exam When you’re ready to take a Splunk Certification exam, please view the Exam-Registration-Tutorial for registration assistance. As a reminder, each exam attempt costs US$125. Bulk registration vouchers can be purchased at a discounted price of five registrations for US$500. How to register for your exam There are three ways to purchase a PearsonVUE registration voucher: 1) Directly from PearsonVUE This is the most streamlined approach. Follow the steps for account creation and exam registration provided at www.pearsonvue.com/splunk Payment will be collected at the time of registration. You can also visit the Pearson VUE voucher store for direct purchase. 2) From Splunk (as an individual) Log into your existing account at Splunk.com/Education to purchase a registration code. Payment can be made via credit card or existing Splunk Education credits. Splunk will email you a unique registration code, which can be used for registration at www.pearsonvue.com/splunk . 3) From Splunk (as an account) Your Splunk Sales Rep can add certification exams to any deal. Once the number of vouchers has been requested, Splunk will email your unique registration codes, which can be used for registration at www.pearsonvue.com/splunk All scheduled exams are subject to a minimum 24-hour cancellation and/or rescheduling policy. Failure to cancel or reschedule an exam within this timeframe results in forfeiture of registration fee. One of the best trainers I've had - keeps content relevant & explains the tasks in easily understood language. Extremely knowledgeable in all fields relating to the content. Well paced & accommodated to everyone's questions & progress. Participant, Splunk Enterprise Data Administration

Splunk Education Single Subject Course Training. Ingeniq is the Authorised Splunk Training Provider for Australia and New Zealand and is certified to deliver the complete range of Splunk courses and offer both Instructor led public and dedicated virtual and face-to-face courses. Splunk Education - Single Subject Courses Splunk single-subject courses are available for registration. Splunk Education single-subject Instructor led courses are smaller portions of Splunk training courses and take approx. 3 hours. These will help you ramp your Splunk Learning quickly and efficiently and they are available as live Instructor-Led Training (ILT) or self-paced eLearning. Splunk Education single-subject training courses contribute to Splunk certifications. If you have started your Splunk training journey with the multi-subject courses and would like help defining the next steps our Education Consultants can help - call us or email at sales@ingeniq.com.au and we'll be in touch. Call us on 1300 245 802 To see the Single-subject to Multi-subject course mapping relationship, please refer to the Mapping column on the far right. Course Name Price Buy Now Learning Path Course Mapping What is Splunk? Free video eLearning Free eLearning Knowledge Manager , Search Expert Splunk Fundamentals 1 Intro to Splunk Free video eLearning Free eLearning Knowledge Manager , Search Expert Splunk Fundamentals 1 Scheduling Reports and Alerts Free video eLearning $500 or 1 credit Free eLearning , eLearning with Labs Search Expert Splunk Fundamentals 1 Using Fields $500 or 1 credit View Schedule Knowledge Manager , Search Expert Splunk Fundamentals 1 , Splunk Fundamentals 3 Visualisations Free video eLearning $500 or 1 credit Free eLearning , eLearning with Labs Search Expert Splunk Fundamentals 1 , Splunk Fundamentals 2 Working with Time $500 or 1 credit View Schedule Search Expert Splunk Fundamentals 2 , Splunk Fundamentals 3 , Advanced Searching and Reporting Statistical Processing $500 or 1 credit View Schedule Search Expert Splunk Fundamentals 2 Comparing Values $500 or 1 credit View Schedule Search Expert Splunk Fundamentals 3 Result Modification $500 or 1 credit View Schedule Search Expert Splunk Fundamentals 3 , Advanced Searching & Reporting Leveraging Lookups and Subsearches $500 or 1 credit View Schedule Search Expert Splunk Fundamentals 3 , Advanced Searching & Reporting Correlation Analysis $500 or 1 credit View Schedule Search Expert Splunk Fundamentals 2 , Advanced Searching & Reporting Search Under the Hood Free video eLearning $500 or 1 credit Free eLearning , eLearning with Labs Search Expert Splunk Fundamentals 2 , Splunk Fundamentals 3 , Advanced Searching & Reporting Multivalue Fields $500 or 1 credit View Schedule Search Expert Splunk Fundamentals 3 , Advanced Searching & Reporting Introduction to Knowledge Objects Free video eLearning Free eLearning Knowledge Manager Splunk Fundamentals 2 Creating Knowledge Objects $500 or 1 credit View Schedule Knowledge Manager Splunk Fundamentals 2 Creating Field Extractions $500 or 1 credit View Schedule Knowledge Manager Splunk Fundamentals 2 , Splunk Fundamentals 3 Enriching Data with Lookups $500 or 1 credit View Schedule Knowledge Manager Splunk Fundamentals 3 Data Models $500 or 1 credit View Schedule Knowledge Manager Splunk Fundamentals 2 , Splunk Fundamentals 3 Introduction to Dashboards $500 or 1 credit View Schedule Knowledge Manager Creating Dashboards Dynamic Dashboards $500 or 1 credit View Schedule Knowledge Manager Creating Dashboards Creating Maps $500 or 1 credit View Schedule Knowledge Manager Creating Dashboards Search Optimisation $500 or 1 credit View Schedule Knowledge Expert, Search Expert Splunk Fundamentals 3 Click on Read more to learn more about each Single Subject Course Training module and the course objectives. What is Splunk? This Splunk training course introduces students to what machine data is and how Splunk can leverage operational intelligence to investigate and respond to incidents in their organizations. Visit Splunk Website Intro to Splunk This Splunk training course teaches students how to use Splunk to create reports and dashboards and explore events using Splunk's Search Processing Language. Students will learn the basics of Splunk's architecture, user roles, and how to navigate the Splunk Web interface to create robust searches, reports, visualizations, and dashboards Visit Splunk Website Using Fields This Splunk training course is for power users who want to learn about fields and how to use fields in searches. Topics will focus on explaining the role of fields in searches, field discovery, using fields in searches, and the difference between persistent and temporary fields. The last topic will introduce how fields from other data sources can be used to enrich search results. Read More Intro to Knowledge Objects This Splunk training course teaches students about how different types of knowledge objects to extract additional insights from their data. Students will learn the basics of how to create knowledge objects, define their settings, edit, and manage existing knowledge objects. Visit Splunk Website Creating Knowledge Objects This Splunk training course is for knowledge managers who want to learn how to create knowledge objects for their search environment using the Splunk web interface. Topics will cover types of knowledge objects, the search-time operation sequence, and the processes for creating event types, workflow actions, tags, aliases, search macros, and calculated fields. Read More Creating Field Extractions This Splunk training course is for knowledge managers who want to learn about field extraction and the Field Extractor (FX) utility. Topics will cover when certain fields are extracted and how to use the FX to create regex and delimited field extractions. Read More Enriching Data with Lookups This Splunk training course is for knowledge managers who want to use lookups to enrich their search environment. Topics will introduce lookup types and cover how to upload and define lookups, create automatic lookups, and use advanced lookup options. Additionally, students will learn how to verify lookup contents in search and review lookup best practices. Read More Data Models This Splunk training course is for knowledge managers who want to learn how to create and accelerate data models. Topics will cover datasets, designing data models, using the Pivot editor, and accelerating data models. Read More Introduction to Dashboards This Splunk training course is designed for power users who want to learn best practices for building dashboards in the Dashboard Studio. It focuses on dashboard creation, including prototyping, the dashboard definition, layout types, adding visualizations, and dynamic coloring. Read More Dynamic Dashboards This Splunk training course module is designed for power users who want to learn best practices for building dashboards in the Dashboard Studio. It focuses on creating inputs, chain searches, event annotations, and improving dashboard performance. Read More Creating Maps This Splunk training Course helps you understand more about Choropleth maps. These maps have specific data and component requirements. A search uses the data and components to generate a choropleth map. Read More Scheduling Reports and Alerts This Splunk training course teaches students how to use scheduled reports and alerts to automate processes in their organization. Students will create, manage, and schedule reports and alerts, and use alert actions to further respond to incidents as they occur. Visit Splunk Website Visualisations This Splunk training course teaches students how to use scheduled reports and alerts to automate processes in their organization. Students will create, manage, and schedule reports and alerts, and use alert actions to further respond to incidents as they occur. Visit Splunk Website Working with Time This Splunk training course is for power users who want to become experts at using time in searches. Topics will focus on searching and formatting time in addition to using time commands and working with time zones. Read More Statistical Processing This Splunk training course is for power users who want to identify and use transforming commands and eval functions to calculate statistics on their data. Topics will cover data series types, primary transforming commands, mathematical and statistical eval functions, using eval as a function, and the rename and sort commands. Read More Comparing Values This Splunk training course is for power users who want to learn how to compare field values using eval functions and eval expressions. Topics will focus on using the comparison and conditional functions of the eval command, and using eval expressions with the field format and where commands. Read More Result Modification This Splunk training course is for power users who want to use commands to manipulate output and normalize data. Topics will focus on specific commands for manipulating fields and field values, modifying result sets, and managing missing data. Additionally, students will learn how to use specific eval command functions to normalize fields and field values across multiple data sources. Read More Leveraging Lookups and Subsearches This Splunk training course is designed for power users who want to learn how to use lookups and sub searches to enrich their results. Topics will focus on lookup commands and explore how to use sub searches to correlate and filter data from multiple sources. Read More Correlation Analysis This Splunk training course is for power users who want to learn how to calculate co-occurrence between fields and analyze data from multiple datasets. Topics will focus on the transaction, append, appendcols, union, and join commands. Read More Search Under the Hood This Splunk training course gives students additional insight into how Splunk processes searches. Students will learn about Splunk architecture, how components of a search are broken down and distributed across the pipeline, and how to troubleshoot searches when results are not returning as expected. Visit Splunk Website Multivalue Fields This Splunk training course is for power users who want to become experts on searching and manipulating multivalue data. Topics will focus on using multivalue eval functions and multivalue commands to create, evaluate, and analyze multivalue data. Read More Search Optimisation This Splunk training course is for power users who want to improve search performance. Topics will cover how search modes affect performance, how to create an efficient basic search, how to accelerate reports and data models, and how to use the tstats command to quickly query data. Read More One of the best trainers I've had - keeps content relevant & explains the tasks in easily understood language. Extremely knowledgeable in all fields relating to the content. Well paced & accommodated to everyone's questions & progress. Participant, Splunk Enterprise Data Administration

Splunk Consultant | Splunk Training Pack delivered by INGENIQ Splunk Consultant Splunk Training Pack#4 Splunk Consultant Learn more, for less.. Ingeniq Splunk Training Packs are a collections of courses that when purchased together qualify for discounts of up to 25%. Splunk Training Packs apply to all Training Tracks and Certifications – in fact to any combination of courses purchased together from Ingeniq. Buy Splunk Training Pack#4 and you’ll sit all the courses you need to be certified as a Splunk Consultant. A Splunk Core Certified Consultant has a thorough understanding of Splunk Deployment Methodology and implementation in large Splunk installations and has expert-level knowledge of multi-tier Splunk architectures, clustering, and scalability topics. Call our Training Consultants now on 1300 245 802 or email sales@ingeniq.com.au to have this training pack tailored to you or your team' s requirements. Splunk Training Pack Courses Architecting Splunk Enterprise Deployments This 9 hour Splunk course focuses on large enterprise deployments. Students will learn steps and best practices for planning, data collection and sizing for a distributed deployment. Workshop-style labs challenge students to make design decisions about an example enterprise deployment. Troubleshooting Splunk Enterprise This 2 day course is designed for Splunk administrators. It covers topics and techniques for troubleshooting a standard Splunk distributed deployment using the tools available on Splunk Enterprise. Splunk Enterprise Cluster Administration This 3 day course is for an experienced Splunk Enterprise administrator who is new to Splunk Clusters. The course provides the fundamental knowledge of deploying and managing Splunk Enterprise in a clustered environment. It covers installation, configuration, management and monitoring of Splunk clusters. Splunk Fundamentals 3 This course runs over 4 days and focuses on additional search commands as well as advanced use of knowledge objects. Major topics include advanced statistics and eval commands, advanced lookup topics, advanced alert actions, using regex and erex to extract fields, using spath to work with self-referencing data, creating nested macros and macros with event types, accelerating reports and data models. Advanced Searching and Reporting This 13.5 hour Splunk course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts. Students are coached step by step through complex searches to produce final results. Addon & Save!! Cert exam - Splunk Consultant [USD 125] There are three ways to purchase a PearsonVUE registration voucher: Directly from PearsonVUE From Splunk (as an individual) From Splunk (as an account) Full instructions below. Splunk Fundamentals 2 This course focuses on searching and reporting commands as well as on the creation of knowledge objects. Major topics include using transforming commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalising data with the Common Interface Model (CIM). Splunk Enterprise System Administration This virtual 9 hour course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides fundamental knowledge of Splunk license manager, indexers and search heads. It covers configuration, management and monitoring core Splunk Enterprise components. Splunk Enterprise Data Administration This virtual 13.5 hour course is designed for system administrators who are responsible for getting data into Splunk Indexers. Splunk Certifications Exam When you’re ready to take a Splunk Certification exam, please view the Exam-Registration-Tutorial for registration assistance. As a reminder, each exam attempt costs US$125. Bulk registration vouchers can be purchased at a discounted price of five registrations for US$500. How to register for your exam There are three ways to purchase a PearsonVUE registration voucher: 1) Directly from PearsonVUE This is the most streamlined approach. Follow the steps for account creation and exam registration provided at www.pearsonvue.com/splunk Payment will be collected at the time of registration. You can also visit the Pearson VUE voucher store for direct purchase. 2) From Splunk (as an individual) Log into your existing account at Splunk.com/Education to purchase a registration code. Payment can be made via credit card or existing Splunk Education credits. Splunk will email you a unique registration code, which can be used for registration at www.pearsonvue.com/splunk . 3) From Splunk (as an account) Your Splunk Sales Rep can add certification exams to any deal. Once the number of vouchers has been requested, Splunk will email your unique registration codes, which can be used for registration at www.pearsonvue.com/splunk All scheduled exams are subject to a minimum 24-hour cancellation and/or rescheduling policy. Failure to cancel or reschedule an exam within this timeframe results in forfeiture of registration fee. One of the best trainers I've had - keeps content relevant & explains the tasks in easily understood language. Extremely knowledgeable in all fields relating to the content. Well paced & accommodated to everyone's questions & progress. Participant, Splunk Enterprise Data Administration

Splunk Enterprise Certified Administrator Splunk Certification | INGENIQ Splunk Enterprise Certified Administrator As a part of Splunk Certification, a Splunk Enterprise Certified Admin manages various components of Splunk Enterprise on a daily basis, including license management, indexers and search heads, configuration, monitoring, and getting data into Splunk. This certification demonstrates an individual’s ability to support the day-to-day administration and health of a Splunk Enterprise environment. The prerequisite courses listed below are highly recommended, but not required for candidates to register for the Splunk certification exam. All candidates seeking Splunk Enterprise Certified Architect or Splunk Certified Developer must complete Splunk Enterprise Certified Admin as a prerequisite certification. Learning Path Paid Training Paid Cert Exam Cert Exam - Splunk Core Certfied Power User Enquiry Form Let us know what you're after Courses for me Certifications for me Courses for my team Dedicated courses for my teams Training Tracks for my Company Dedicated courses for my Company Training Packs Using Splunk Training Credits Submit Thanks for submitting! Splunk Enterprise System Administration Splunk Enterprise Data Administration Cert Exam - Splunk Enterprise Certified Admin Splunk Certifications Exam When you’re ready to take a Splunk Certification exam, please view the Exam-Registration-Tutorial for registration assistance. As a reminder, each exam attempt costs US$125. Bulk registration vouchers can be purchased at a discounted price of five registrations for US$500. How to register for your exam There are three ways to purchase a PearsonVUE registration voucher: 1) Directly from PearsonVUE This is the most streamlined approach. Follow the steps for account creation and exam registration provided at www.pearsonvue.com/splunk Payment will be collected at the time of registration. You can also visit the Pearson VUE voucher store for direct purchase. 2) From Splunk (as an individual) Log into your existing account at Splunk.com/Education to purchase a registration code. Payment can be made via credit card or existing Splunk Education credits. Splunk will email you a unique registration code, which can be used for registration at www.pearsonvue.com/splunk . 3) From Splunk (as an account) Your Splunk Sales Rep can add certification exams to any deal. Once the number of vouchers has been requested, Splunk will email your unique registration codes, which can be used for registration at www.pearsonvue.com/splunk All scheduled exams are subject to a minimum 24-hour cancellation and/or rescheduling policy. Failure to cancel or reschedule an exam within this timeframe results in forfeiture of registration fee. One of the best trainers I've had - keeps content relevant & explains the tasks in easily understood language. Extremely knowledgeable in all fields relating to the content. Well paced & accommodated to everyone's questions & progress. Participant, Splunk Enterprise Data Administration

About INGENIQ Splunk Training and Education Services About Us Welcome to Ingeniq Ingeniq, a Bluechip company is an authorised Splunk training provider - we’ve been working with Splunk to train and enable thousands of customers, partners and Splunk employees since 2010. 2010 The year we taught our first Splunk course Our Expert Trainers Ingeniq trainers have been providing training on all aspects of Splunk since 2010 and have won numerous awards and accolades for training delivery including "Evangelist of the Year” for training excellence. Our trainers are all highly qualified Splunk Certified Architects and Consultants and add hands-on real-life experience to our training sessions. The Certifications and Accreditations you can attain after training with us include Splunk Core Certified Consultant, Splunk IT Service Intelligence Certified Admin, Splunk Accredited Zero Trust Security Consultant, and more. 10,000 Course Attendees 4.8/5 Our Average student course rating Courses and Training Plans If you are unsure of which courses you should select to meet your requirements we can also help with designing a complete Splunk training plan for you or your teams. 541 The Companies we've helped enable Online or Onsite to you and your team We deliver most of our training via public courses online. We can also deliver dedicated courses to your teams remotely or at your premises. 860 Classes we've taught Use Your Splunk Training Credits Splunk training credits expire one year from date of issue. Splunk allows your training credits to be used for any of Ingeniq’s instructor led Splunk courses. 334 Splunk Staff we've trained Book a course for you Expand your career options and add more value to your business by investing in Ingeniq training. Unsure of which course or track? One of our Training Consultants can help. 150 Splunk Architects created Book courses for your team Deployed Splunk recently? staff moved on? want to do more with Splunk? Prefer to get the team trained all at once and together in single dedicated sessions? We can do onsite or virtual classes dedicated to your teams - contact one of our Training Consultants for more information, 162 The dedicated classes we've taught Get a training plan for your Company Deployed or upgraded Splunk recently? want to do more with Splunk? Unsure of which courses and tracks you should invest in based on your Splunk use cases? Our Trainers and Training Consultants can help design your corporate training plan. 62 Corporate Training Plans Call, email or complete the form below One of our experienced Training Consultants will be in contact with you. 1300 245 802 Int: +61 2 9094 3555 Email: sales@ingeniq.com.au Enquiry Form Let us know what you're after Courses for me Certifications for me Courses for my team Dedicated courses for my teams Training Tracks for my Company Dedicated courses for my Company Training Packs Using Splunk Training Credits Submit Thanks for submitting! One of the best trainers I've had - keeps content relevant & explains the tasks in easily understood language. Extremely knowledgeable in all fields relating to the content. Well paced & accommodated to everyone's questions & progress. Participant, Splunk Enterprise Data Administration

Result Modification - Splunk Education Single Subject Course Training. Result Modification The Splunk Education single-subject course module, Result Modification is for power users who want to use commands to manipulate output and normalise data. Topics will focus on specific commands for manipulating fields and field values, modifying result sets, and managing missing data. Additionally, students will learn how to use specific eval command functions to normalise fields and field values across multiple data sources. Splunk Credit Value : 50 Duration : 3 hours Time : 9:00 am - 12:00 pm AEST Please use the currency convertor above to check for course pricing in your local currency. Enquiry Form Let us know what you're after Courses for me Certifications for me Courses for my team Dedicated courses for my teams Training Tracks for my Company Dedicated courses for my Company Training Packs Using Splunk Training Credits Submit Thanks for submitting! The instructor was very responsive to questions and queries both private and Communal.. Final module collaborative lab walkthrough on screen was particularly helpful. Participant, Splunk Fundamentals 2 Result Modification - Course Topics Manipulating Output Modifying Result Sets Managing Missing Data Modifying Field Values Normalizing with eval Class Format Instructor-led lecture with labs. Delivered via virtual classroom or at your site Course Prerequisites To be successful, students must have completed these Splunk Education course(s) or have equivalent working knowledge: Intro to Splunk Using Fields Visualizations Working with Time Statistical Processing Comparing Values Result Modification - Audience Search Expert learning path Result Modification - Course Objectives Topic 1 – Manipulating Output Convert a 2-D table into a flat table with the untable command Convert a flat table into a 2-D table with thexyseries command Topic 2 – Modifying Result Sets Append data to search results with the appendpipe command Calculate event statistics with the eventstats command Calculate "streaming" statistics with the streamstats command Modify values to segregate events with the bin command Topic 3 - Managing Missing Data Find missing and null values with the fillnull command Topic 4 – Modifying Field Values Understand the eval command Use conversion and text eval functions to modify field values Reformat fields with the foreach command Topic 5 – Normalising with eval Normalise data with eval functions Identify eval functions to use for data and field normalization Splunk Course Schedules and Timezones Splunk Course are delivered live and in English and provide access to customers spanning multiple timezones. Dates and times displayed for each course are relative to Australian Eastern Time (AET). AM Marked Splunk Courses AM marked courses start at AET 9:00am and finish at AET 1:30pm and are optimal for customers in the following countries and areas; UTC+10 including Australia (East Coast) UCT+11/+12 including New Zealand and the Pacific Islands UTC-8 including USA (West Coast), Canada (West Coast) UTC-7 including USA (Mid West) PM Marked Splunk Courses PM marked courses usually starts at AEDT 12:00pm or AEST 11:00 am and are optimal for customers in the following countries and areas; UTC+10 including Australia (East Coast) UCT+11/+12 including New Zealand and the Pacific Islands UTC-8 including USA (West Coast), Canada (West Coast) UTC-7 including USA (Mid West) Result Modification - Upcoming Schedule We don’t have any products to show here right now.