
Haley Shaw introduces the Splunk core certified user course and guides setup, including creating a Splunk account, tutorial data, answers, and Slack access.
Explore Splunk navigation by locating the home page, shortcuts, and the left-hand app menu; understand how to access data, searches, dashboards, and health status in a user-friendly interface.
Learn about forwarders, indexers, and search heads in Splunk, how data is forwarded, indexed, and searched with SPL, and the three deployment options: standalone, basic, and multi-instance.
Adjust Splunk core user settings to personalize login, default app, time zone, theme, and SPL editor options, including auto format, line numbers, and the search assistant.
Compare Splunk apps and add-ons: apps have a gui and knowledge objects, while add-ons enhance data processing in the background; learn to locate, install, and manage them in Splunk base.
Learn to use the time picker to efficiently filter Splunk events, exploring presets, relative, date range, and advanced options to speed searches and refine results.
Learn to build targeted Splunk searches by specifying index, host, source, and sourcetype. Then pipe commands to refine results; read outputs via fields, key-value pairs, and views, table, and raw.
Explore the job inspector and saving searches in Splunk, learn to pause, stop, sample events, share search criteria, and optimize searches by specifying index and metadata to reduce processing time.
Navigate the Splunk timeline to view and filter events by time, zoom to selections, and use SPL to highlight results and view earliest to latest times.
Explore fields in Splunk core: learn key-value pairs, default fields like underscore time and underscore raw, and how the fields sidebar and fields command speed searches.
Explore the three search modes in Splunk: fast, smart, and verbose, and learn when to use each for quick checks, targeted data, or full field-rich results.
Discover how Splunk indexes organize data on the indexer, use basic search commands to locate data across indexes, and understand events versus metrics indexes.
Master basic transforming commands in Splunk: use top and rare to view most and least frequent values with adjustable limits, and apply stats for counts, distinct values, and time-based aggregates.
Learn to create and save SPL-based reports in Splunk, customize time ranges and visualizations, and schedule automated reports via email or CSV exports.
Create and customize dashboards in Splunk by adding panels and reports, adjusting visualizations, setting permissions, and exporting or viewing the underlying SPL to build effective, shareable insights.
Enrich Splunk events with CSV lookups by mapping product IDs to names, using input and output lookups and definitions, then visualize enriched data in dashboards.
Learn to create and manage Splunk alerts by building saved searches, choosing real-time or scheduled triggers, and configuring actions, permissions, and throttling for reliable incident notifications.
Learn the Basics and Earn Your Certification with Confidence!
A complete course built to help you learn SplunkⓇ from the ground up and pass the SplunkⓇ Core Certified User Exam.
If you're looking to build a solid foundation in SplunkⓇ — whether for cybersecurity, IT operations, or data analysis — this course is your starting point. Designed specifically for those pursuing their SplunkⓇ Core Certified User certification, this course walks you step-by-step through the essential features, tools, and workflows that real professionals use every day.
With clear instruction, structured modules, and hands-on examples, you’ll learn how to navigate SplunkⓇ, search and analyze data, build dashboards and reports, and work with fields, lookups, and alerts. Whether you're brand new to SplunkⓇ or looking to solidify your knowledge, this course is built to make certification achievable.
What You'll Learn
How to confidently navigate the SplunkⓇ interface and understand its core components
How to create and refine searches using time pickers, fields, and search modes
How to read search results, inspect jobs, and explore events efficiently
The difference between basic search commands and transforming commands
How to work with indexes, user settings, applications, and add-ons
How to build reports and dashboards that turn data into insights
How to enrich your data with lookups and stay proactive using alerts
This course is designed to take the guesswork out of SplunkⓇ and give you the tools you need to pass the certification — and use your skills with confidence in the real world. Clear explanations, structured progression, and practical application are at the core of every module.