  • $199.99

Workshop - Splunk Engineer

  • Course
  • 63 Lessons

Learn the foundations of Splunk through hands-on practice. In this workshop, you’ll install Splunk on AWS, ingest real log data, write SPL searches, and build dashboards that analyze web traffic activity. Designed to mirror real-world workflows, this course helps you understand how Splunk is used for monitoring, security analysis, and operational visibility.

Contents

Section 0 - Welcome & Orientation

About O-Line Security
Your Instructor

Section 1 - Foundations

Expectations & Objectives
Data Pipeline
Sourcetypes
Indexes
Data Design

Section 2 - Environment Setup

Why AWS EC2 Infrastructure?
Understanding AWS Costs for Splunk Labs: Instances, Storage, and Optimization
Creating an EC2 Instance for Splunk Deployment
Install Splunk Enterprise
Configure Splunk Enterprise
EC2 Instance Lifecycle and IP Changes: What to Know Before You Stop or Start
Final Environment Validation and Readiness Check

Section 3 - Core Architecture

Introduction to Splunk Apps
Splunk App Components
How Configuration Files Work Together in Splunk
Metadata
Designing an Efficient Data Pipeline in Splunk
Understanding and Configuring indexes.conf in Splunk
Configuring Data Inputs with inputs.conf in Splunk
Validating Splunk Configurations and Data Pipelines
Sample Logs
Firewall Logs
Proxy Logs

Section 4 - Core Skills

Using btool to Analyze and Troubleshoot Splunk Configurations
Understanding the Flow from Splunk UI to Backend Configuration
Transforming Raw Data into Searchable and Actionable Insights in Splunk
Onboarding and Ingesting New Log Sources in Splunk
Configuring Data Transformations Using transforms.conf in Splunk
Configuring Data Parsing and Field Extractions Using props.conf in Splunk
Validating props.conf and transforms.conf Configurations in Splunk
Network Logs
props.conf
transforms.conf

Section 5 - Implementation

Integrating Splunk Configuration Components for End-to-End Data Processing
Standardizing Data Onboarding Processes in Splunk
Designing Reusable Splunk Apps for Scalable Data Onboarding
Troubleshooting Data Onboarding and Configuration Issues in Splunk
Adopting an Engineering Mindset for Splunk Data Onboarding and Architecture

Section 6 - Data Observability

Designing and Building Dashboards for Visibility
Building Data Ingestion Monitoring Panels in Splunk Dashboards
Monitoring and Ensuring Data Quality in Splunk
Designing and Configuring Alerts in Splunk
Applying an Engineering Perspective to Dashboard Design in Splunk

Section 7 - Capstone Project

Capstone Overview
Capstone Project Breakdown and Implementation Strategy in Splunk
Defining the Approach and Methodology for the Capstone Project
Achieving Success in the Splunk Capstone Project
Capstone Project Review
Capstone Project Closure and Key Takeaways in Splunk
Capstone Project Logs
default.meta
indexes.conf
inputs.conf
transforms.conf
props.conf

Section 8 - Career Development Pack

Career Development
Resume Builder
Interview Q&A
LinkedIn

Section 9 - Next Steps

Positioning Yourself for Success as a Splunk Engineer
One Final Thought