Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Splunk: Zero to Power User
Bestseller
Rating: 4.4 out of 5(9,154 ratings)
41,834 students

Splunk: Zero to Power User

Splunk Core Certified Power User - Exam Prep - 2026!
Created byHailie Shaw
Last updated 12/2025
English

What you'll learn

  • Pass the Splunk Core Certified Power User exam!
  • Build SPLs, Dashboards, Reports, Alerts, and Searches
  • Go from having zero knowledge of Splunk to a Splunker with strong foundational skills
  • Understand how to hunt with Splunk
  • Gain more confidence in Crowdstrike's Event Search

Course content

1 section41 lectures4h 26m total length
  • Module 1: Introduction4:27
  • Module 2: What Makes Up Splunk5:38

    Understand Splunk's core components: forwarders, indexers, and search heads—and explore deployment options from standalone to multi-instance, including clustering and deployment servers for management.

  • Module 3A: Demo of Lets Download Splunk3:06

    Download the Splunk GUI installer from Splunk.com, start a free 60-day Splunk Enterprise trial for Windows 64-bit, run the GUI installer, set credentials, and access Splunk Web at loopback 8000.

  • Module 3B: MacOS Installation3:20
  • Module 3C: Demo of Getting the Practice Data9:44
  • Module 4A: Getting Data into Splunk3:16
  • Module 4B: Demo of Data Preview and Creating Inputs8:41

    Demonstrate data preview and creating inputs in Splunk, comparing csv versus log formats and adjusting source types. Configure local event log and Windows host inputs for live search and analysis.

  • Module 4C: App vs Addon3:19
  • Module 5: Demo of Searching and Basic Navigation13:24
  • Module 6A: Knowledge Objects3:14
  • Module 6B: Demo of KOs8:03
  • Module 7: Show me the Fields!3:35
  • Module 8A: Search Processing Language4:17
  • Module 8B: Demo of Building SPLs and Basic Commands9:06
  • Module 9A: Transforming Your Search2:05
  • Module 9B: Transforming Commands9:43
  • Module 10A: What are the Events Telling Me?3:08
  • Module 10B: Demo of the Transaction Command8:47
  • Module 11A: Manipulating Your Data1:52
  • Module 11B: Demo of eval, where, and search11:31
  • Module 12A: Fields, Part 2!2:36
  • Module 12B: Demo of Field Extracting9:20
  • Module 13A: Lookups2:48

    Explore lookups in Splunk: define static data files, perform data enrichment by querying lookups, and create or upload lookups using input and output commands.

  • Module 13B: Demo of Using Lookups9:42
  • Module 14A: Visualize Your Data3:04
  • Module 14B: Demo of Chart, Chart, Chart.....stats.15:30

    Explore how to create and customize visualizations in Splunk, including time charts, bar and pie charts, dashboards, and quick reports, with practical examples of actions, purchases, and failed logins.

  • Module 15A: Visualizations, Part 2!2:19

    Explore visualizations in Splunk as we cover iplocation, geostats, addtotals, and trendline to enhance panel dashboards with location insights, maps, totals, and moving averages for your analytics.

  • Module 15B: Demo of More Dashboards!10:21
  • Module 16A: Reports & Drilldowns2:55
  • Module 16B: Demo of Generating Reports, Drilldowns, Home Dashboard14:16
  • Module 17: Alerts7:14

    Create and manage alerts in Splunk by configuring scheduled or real-time searches, setting trigger conditions, throttling, and actions like logging or emailing, with severity and permissions considered.

  • Module 18: Welcome, Tags and Events!5:45
  • Module 19A: Macros1:41
  • Module 19B: Demo of Making Macros9:53
  • Module 20: Workflows to Save You Time7:31
  • Module 21A: Data Normalization & Troubleshooting3:54
  • Module 21B: Demo of All the random things we just covered8:46

    Create field aliases for IP data across web, security, and Cisco as source_ip; build megs from bytes and inspect job performance and bucket states with dbinspect.

  • Module 22A: Datamodels3:59
  • Module 22B: Demo of Searching Datamodels6:40
  • Module 23A: The Common Information Model3:44
  • Module 23B: Demo of the CIM Add-on & CIM Add-On Builder13:50

Requirements

  • Connection to the internet

Description

Hello and welcome to the course. This is the #1 place to learn by watching instructor lead demonstrations on Splunk. Don’t take another course that is bogged down with long lectures and endless PowerPoint slides. Take one that covers the majority of the course via recorded demonstrations and is built for visual learners!

This course is designed to take someone who has never heard of Splunk and provide them with the knowledge they need to pass the Splunk Core Certified Power User exam!

Is it hard to find a streamlined education road map for Splunks old Fundamentals 1 and 2 concepts? This course is it!

Learn by watching demonstrations for over 75% of the course!

Download your own data and practice on your own instance of Splunk.

Learn over 25 commands through many examples!

Gain confidence in how to craft strong searches, build visualizations, and understand the key components of Splunk.

This course will cover all the key topics you need to pass the exam!

I hope you continue to take what you have learned here and move on to learning more advanced topics that Splunk has to offer!

See you in the course and good luck on the exam!

Who this course is for:

  • Beginner Splunkers
  • SOC Analysts
  • Network Forensic Analysts
  • Splunk Admins
  • Splunk Power Users
  • Endpoint Detection and Response
  • Crowdstrike Users