Course Description

Splunk is a leading log analytics tool. Imagine you have access to all the logs generated by devices like routers, switches, firewalls, servers, cloud and desktops through a single user interface. At the individual device level these logs may not make much sense, but when you combine them they carry significant information about your entire network. When someone tries to hack the web server, they first need to scan the network, then look for vulnerabilities on the server, and finally compromise the server. With tools like Splunk, one can write a simple query in SQL (Splunk Query Language) and get the desired information in a fraction of the time. Tools like Splunk give power to IRT (Incident Response Team) and SOC (Security Operations Center) team members.

Program Benefits Description

Splunk is a market leader in the log analyzer and SIEM category. Many companies have started deploying Splunk to analyze a wide variety of information from a very easy-to-use interface. Most organizations use Splunk to monitor and analyze security-related events. Anyone with Splunk knowledge is a good candidate for a Security Analytics or SOC team. Apart from the other skills required to master security, one needs good analytics skills to become a top-notch security professional.

What Will You Learn?
  • How to install Splunk on Linux (CentOS)?
  • How to send syslog messages to Splunk?
  • How to send Firewall logs to Splunk?
  • How to read local and remote files in Splunk?
  • Learn in detail about SQL (Splunk Query Language).
  • Create Dashboards based on user-defined criteria.
  • How to configure and use the alert mechanism?
  • How to develop a simple app in Splunk?

Course Pricing Description

To know more about the Program Pricing, just fill in the form. One of our representatives will get back to you with the requested information.


3 Modules Available

Module 1

  • Install Splunk Enterprise on Linux and Windows.
  • Start the Splunk service using the terminal.
  • Restart the Splunk service (daemon and web) using commands as well as Splunk Web.


Module 2

  • Upload Splunk logs to Splunk Enterprise using the Monitor and Upload methods.
  • Some basic SPL queries like top, fields, table, dedup, regex, etc.
  • Creating dashboards and reports in Splunk.
  • Learn about visualization and how to write complex Splunk queries using advanced commands like eval, stats, timechart, etc.

Module 3

  • Schedule a search and create alerts (real-time and scheduled, with given conditions)
  • Work with lookups and data models, and learn how to use them in search
  • Creating basic apps and add-ons
  • How to include CSS and JavaScript to modify an app
  • Including scripts in a Splunk app to modify its features

Need Help

Get in touch. We’ll be glad to provide assistance in choosing the right course.




01 What prior skills are required to attend this module?

There are no prior skills required to learn about Splunk. However, you are expected to know about the devices which you are going to integrate with Splunk. For example, if you want to integrate a firewall with Splunk, some firewall skills are required.

02 Will I be able to practice labs once I finish my course?

Yes, you will be provided with all the necessary software and documents, which will help you explore more about the topic.

03 Can I attend this course as an individual module?

No. This module is not offered as an independent module. You need to choose a specific track to learn about Red Hat Linux Server Administration.

04 How many hands-on labs will be there in this course?

Purple Synapz is all about understanding the concepts at a very low level, and therefore each topic will have its own hands-on lab exercises. Refer to Course details for more information.