Splunk Education

Student Handbook - v. 03.22.2022

©Splunk Inc.
270 Brannan St.
San Francisco, CA
U.S.A.
 SPLUNK EDUCATION

Student Handbook

Table of Contents

Program Introduction……………………………………………………………..……. 3

Delivery Methods………………….……………………………….............................. 4

Learning Paths……………………….……………………………………….………… 5

Certification……………………………………………………………………………… 21

Training Credits…………..………….…………………………………………………. 23

Splunk Enterprise / Cloud Basic Subscription………………………………………. 24

Course Registration………………………….………………………………………… 25

Accessing Your Course………………………………………………………..………. 27

Candidate Support/FAQ……………………………………………………….………. 28

Splunk Policies…………………………………………………………………….……. 30

Appendix A (Alphabetical Course List)……….…………………………….………... 31

Splunk Education | Student Handbook 2

PROGRAM INTRODUCTION

Welcome to the world of Splunk Education! From free courses to paid subscriptions, from a few
minutes to a few days, from your first day to your first deployment, we are here to help you get
the most out of Splunk—the Data to Everything platform.

Where do I start?

Great question! Here at Splunk, our Data-to-Everything Platform includes everything you need
to ensure your digital initiatives succeed… but how? Leverage our Splunk Education offerings to
empower your people to predict, identify, and solve problems in real time. We can teach you to
answer your own questions across business, IT, DevOps and security functions with world-class
investigative capabilities, intuitive visualizations, and seamless collaboration.

Splunk Education offers focused training programs that enable you to get started quickly and
stay relevant. We greatly enhance the value that Splunk can bring to you and your company.
Experience has shown that attending Splunk education can have an immediate and profound
impact on your staff and your organization. Our goal is to deliver the maximum amount of
practical information in the shortest amount of time to keep your downtime or
out-of-office time to a minimum. We focus on the tasks required to implement, manage,
develop and use Splunk, with the goal of helping you become self-sufficient and productive as
quickly as possible.

Remember—an investment in education is an investment in success. Past participants in

Splunk Education courses (and certifications) report higher earnings and more promotions
than their industry peers. Organizations that make use of Splunk Education are three times
more likely to accomplish their Splunk-driven business objectives. View Kickstart your
Journey to get started and check out our Fast Start Program!

Keep reading to learn more about our current offerings...

Splunk Education | Student Handbook 3

DELIVERY METHODS

Splunk Education courses are offered in the following delivery methods:

● Self-paced FREE courses

Attend training any time and from any location. These self-paced courses include free
eLearning, use-case videos, walkthroughs and more! Please see here for a
comprehensive list of resources.

● Self-paced paid eLearning

Attend training any time and from any location. These self-paced courses include videos,
hands-on labs and quizzes.

● Instructor-led virtual (public)

These public courses are open to all customers and partners and are delivered by a live
instructor via WebEx that can be attended from any location. We understand how adults
learn and have taken virtual classes to the next level. We ensure that maximum
concentration is kept during the 3-4.5 hour/day classes with engaging instructors, and
comprehensive hands-on labs.

● Instructor-led classroom (public)

With classrooms across the globe and a new state-of-the-art purpose-built classroom at
our headquarters in San Francisco, we offer in-person training. These classes take you
away from your daily office routine and immerse you into the world of Splunk. We create
the ideal environment to get fast-tracked knowledge of how to get the best from Splunk.

● Instructor-led dedicated virtual (private)

If you have a team to train, you can have a dedicated virtual class delivered by a live
instructor via WebEx to just your employees. Students can attend from any location, but
with the added ability to be able to virtually converse with colleagues and the instructor
and focus the class on the needs of your organization.

● Instructor-led dedicated onsite (private)

If you have a team to train, you can bring a Splunk instructor to your site enabling lively
discussion amongst the attendees related to your company’s specific use of Splunk.

Splunk Education | Student Handbook 4

LEARNING PATHS

With such an extensive list of courses available, some students don’t know where to start (or
stop!). This is why we’ve put together Learning Paths designed to give students everything
they need to become true subject matter experts in their desired field.
All course prices shown are in US dollars.

SEARCH EXPERT (SPLUNK ENTERPRISE / CLOUD)

The Search Expert learning path offers courses to teach you to write efficient searches, perform
correlations, create visualizations, and leverage subsearches and lookups.

COURSES PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credit

Scheduling Reports and Alerts Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Visualizations Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Working with Time $500 or 50 credits

Statistical Processing $500 or 50 credits

Comparing Values $500 or 50 credits

Result Modification $500 or 50 credits

Leveraging Lookups and Subsearches $500 or 50 credits

Correlation Analysis $500 or 50 credits

Search Under the Hood Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Multivalue Fields $500 or 50 credits

Search Optimization $500 or 50 credits

Splunk Education | Student Handbook 5

*Equivalent retired courses include Fundamentals 1, Fundamentals 2, Fundamentals 3 and Advanced
Searching and Reporting.

KNOWLEDGE MANAGER (SPLUNK ENTERPRISE / CLOUD)

The Knowledge Manager learning path courses teach you to create knowledge objects including
lookups, data models, and different types of fields. In addition, you learn to build dashboards
and add inputs for filtering.

COURSE PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Intro to Knowledge Objects Free eLearning

Creating Knowledge Objects $500 or 50 credits

Creating Field Extractions $500 or 50 credits

Enriching Data with Lookups $500 or 50 credits

Data Models $500 or 50 credits

Introduction to Dashboards Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Dynamic Dashboards $500 or 50 credits

Creating Maps $500 or 50 credits

Search Optimization $500 or 50 credits

*Equivalent retired courses include Fundamentals 1, Fundamentals 2, Fundamentals 3 and Creating
Dashboards with Splunk.

DATA SCIENCE ANALYST

The Data Science Analyst learning path courses teach you to write efficient and optimized
searches to extract analytics from your data. It covers machine learning, transaction analysis

Splunk Education | Student Handbook 6

and prediction. It also includes the courses to help build and use the knowledge objects
including data models and lookups.

COURSE PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Scheduling Reports and Alerts Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Visualizations Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Working with Time $500 or 50 credits

Statistical Processing $500 or 50 credits

Comparing Values $500 or 50 credits

Result Modification $500 or 50 credits

Leveraging Lookups and Subsearches $500 or 50 credits

Correlation Analysis $500 or 50 credits

Search Under the Hood Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Multivalue Fields $500 or 50 credits

Search Optimization $500 or 50 credits

Intro to Knowledge Objects Free eLearning

Creating Knowledge Objects $500 or 50 credits

Creating Field Extractions $500 or 50 credits

Enriching Data with Lookups $500 or 50 credits

Data Models $500 or 50 credits

Introduction to Dashboards Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Splunk Education | Student Handbook 7

 Dynamic Dashboards $500 or 50 credits

Creating Maps $500 or 50 credits

*Equivalent retired courses include Fundamentals 1, Fundamentals 2 and Fundamentals 3.

AND

COURSE PRICE

Splunk for Analytics and Data Science $1,500 or 150 credits

SPLUNK CLOUD ADMINISTRATOR

The Splunk Cloud Administrator learning path offers courses for admins to manage data inputs
and configurations in Splunk Cloud.

COURSE PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Intro to Knowledge Objects Free eLearning

Creating Knowledge Objects $500 or 50 credits

Creating Field Extractions $500 or 50 credits

Enriching Data with Lookups $500 or 50 credits

Data Models $500 or 50 credits

*Equivalent retired courses include Fundamentals 1 and Fundamentals 2.

AND

COURSE PRICE

Splunk Cloud Administration $2,000 or 200 credits

Pro tip: Candidates who complete the learning path above and hold the Splunk Core Certified
Power User certification are eligible for the Splunk Cloud Certified Admin certification exams.

Splunk Education | Student Handbook 8

SPLUNK ENTERPRISE ADMINISTRATOR

The Splunk Enterprise Administrator learning path teaches you the concepts, tasks, and best
practices to install, configure, and manage your deployment, and learn to onboard varying data.

COURSE PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Intro to Knowledge Objects Free eLearning

Creating Knowledge Objects $500 or 50 credits

Creating Field Extractions $500 or 50 credits

Enriching Data with Lookups $500 or 50 credits

Data Models $500 or 50 credits

*Equivalent retired courses include Fundamentals 1 and Fundamentals 2.

AND

COURSE PRICE

Splunk Enterprise System Administration $1,000 or 100 credits

Splunk Enterprise Data Administration $1,500 or 150 credits

Pro tip: Candidates who complete the learning path above and hold the Splunk Core Certified
Power User certification are eligible for the Splunk Enterprise Certified Admin certification exam.

AND (additional courses based on your deployment)

COURSE PRICE

Troubleshooting Splunk Enterprise $1,000 or 100 credits

Splunk Enterprise Cluster Administration $1,500 or 150 credits

Transitioning to Splunk Cloud $1,000 or 100 credits

Splunk Education | Student Handbook 9

 Implementing Splunk SmartStore $500 or 50 credits

Working with Metrics in Splunk $1,000 or 100 credits

Implementing Splunk Data Stream Processor $2,000 or 200 credits

SPLUNK ENTERPRISE ARCHITECT

The Splunk Enterprise Architect learning path teaches you concepts and best practices for
sizing, scaling, and deploying Splunk across your organization.

COURSE PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Intro to Knowledge Objects Free eLearning

Creating Knowledge Objects $500 or 50 credits

Creating Field Extractions $500 or 50 credits

Enriching Data with Lookups $500 or 50 credits

Data Models $500 or 50 credits

*Equivalent retired courses include Fundamentals 1 and Fundamentals 2.

AND

COURSE PRICE

Splunk Enterprise System Administration $1,000 or 100 credits

Splunk Enterprise Data Administration $1,500 or 150 credits

Troubleshooting Splunk Enterprise $1,000 or 100 credits

Splunk Enterprise Cluster Administration $1,500 or 150 credits

Architecting Splunk Enterprise Deployments $1,500 or 150 credits

Splunk Deployment Practical Lab $1,000 or 100 credits

Splunk Education | Student Handbook 10

Pro tip: Candidates who complete the learning path above, the Splunk Enterprise Practical Lab,
and hold the Splunk Enterprise Certified Admin certification are eligible for the Splunk Enterprise
Certified Architect certification exam.

SPLUNK ENTERPRISE DEVELOPER

The Splunk Enterprise Developer learning path teaches you how to harness the power of
Splunk's Web Framework, create rich, interactive dashboards and forms, and package Splunk
knowledge objects for distribution across your organization.

COURSE PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Visualizations Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Working with Time $500 or 50 credits

Statistical Processing $500 or 50 credits

Leveraging Lookups and Subsearches $500 or 50 credits

Intro to Knowledge Objects Free eLearning

Creating Knowledge Objects $500 or 50 credits

Creating Field Extractions $500 or 50 credits

Introduction to Dashboards Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Dynamic Dashboards $500 or 50 credits

*Equivalent retired courses include Fundamentals 1, Fundamentals 2 and Creating Dashboards.

AND

COURSE PRICE

Advanced Dashboards and Visualizations $500 or 50 credits

Splunk Education | Student Handbook 11

 Splunk Enterprise System Administration $1,000 or 100 credits

Splunk Enterprise Data Administration $1,500 or 150 credits

Building Splunk Apps $1,500 or 150 credits

Developing with Splunk’s REST API $1,000 or 100 credits

Pro tip: Candidates who complete the learning path above and hold either the Splunk
Enterprise Certified Admin certification or the Splunk Cloud Certified Admin certification are
eligible for the Splunk Certified Developer certification exam.

SOC ANALYST (ENTERPRISE SECURITY and MISSION CONTROL)

The SOC Analyst learning path prepares security analysts to use Splunk Enterprise Security
(ES) and Mission Control. Students will use ES to identify and track security incidents, analyze
security risks, use predictive analytics, and threat discovery.

COURSE PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Scheduling Reports and Alerts Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Visualizations Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Leveraging Lookups and Subsearches $500 or 50 credits

Search Under the Hood Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Intro to Knowledge Objects Free eLearning

Enriching Data with Lookups $500 or 50 credits

Data Models $500 or 50 credits

Introduction to Dashboards Free eLearning no labs or paid

Splunk Education | Student Handbook 12

 eLearning/ILT with labs $500 or 50 credits
*Equivalent retired courses include Fundamentals 1 and Fundamentals 2.

AND

COURSE PRICE

Using Splunk Enterprise Security $1,500 or 150 credits

Using Splunk Mission Control $500 or 50 credits

SOC ADMINISTRATOR (ENTERPRISE SECURITY) ON-PREM

The SOC Administrator learning path courses teach security admins to install, configure, and
manage Enterprise Security on Splunk Enterprise.

COURSE PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Scheduling Reports and Alerts Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Visualizations Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Leveraging Lookups and Subsearches $500 or 50 credits

Search Under the Hood Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Intro to Knowledge Objects Free eLearning

Creating Knowledge Objects $500 or 50 credits

Creating Field Extractions $500 or 50 credits

Enriching Data with Lookups $500 or 50 credits

Data Models $500 or 50 credits

Splunk Education | Student Handbook 13

 Introduction to Dashboards Free eLearning no labs or paid
eLearning/ILT with labs $500 or 50 credits

Dynamic Dashboards $500 or 50 credits

*Equivalent retired courses include Fundamentals 1 and Fundamentals 2.

AND

COURSE PRICE

Splunk Enterprise System Administration $1,000 or 100 credits

Splunk Enterprise Data Administration $1,500 or 150 credits

Administering Splunk Enterprise Security $1,500 or 150 credits

Pro tip: Candidates who complete the learning path above are eligible for the Splunk Enterprise
Security Certified Admin certification exam.

SOC ADMINISTRATOR (ENTERPRISE SECURITY) CLOUD

The SOC Administrator learning path courses teach security admins to configure and manage
Enterprise Security on Splunk Cloud.

COURSE PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Scheduling Reports and Alerts Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Visualizations Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Leveraging Lookups and Subsearches $500 or 50 credits

Search Under the Hood Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Intro to Knowledge Objects Free eLearning

Splunk Education | Student Handbook 14

 Creating Knowledge Objects $500 or 50 credits

Creating Field Extractions $500 or 50 credits

Enriching Data with Lookups $500 or 50 credits

Data Models $500 or 50 credits

Introduction to Dashboards Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Dynamic Dashboards $500 or 50 credits

*Equivalent retired courses include Fundamentals 1 and Fundamentals 2.

AND

COURSE PRICE

Splunk Cloud Administration $2,000 or 200 credits

Administering Splunk Enterprise Security $1,500 or 150 credits

Pro tip: Candidates who complete the learning path above are eligible for the Splunk Enterprise
Security Certified Admin certification exam.

SOAR ANALYST

The SOAR Analyst learning path prepares security practitioners to use SOAR to respond to
security incidents, investigate vulnerabilities, and take action to mitigate and prevent security
problems.

COURSE PRICE

Investigating Incidents with Splunk SOAR $500 or 50 credits

SOAR ADMINISTRATOR

The SOAR Administrator learning path teaches you how to install and configure SOAR, and
achieve orchestration and automation tasks through SOAR playbook development.

COURSE PRICE

Splunk Education | Student Handbook 15

 Investigating Incidents with Splunk SOAR $500 or 50 credits

Administering Splunk SOAR $500 or 50 credits

Developing SOAR Playbooks $1,000 or 100 credits

Splunk Enterprise System Administration $1,000 or 100 credits

Splunk Enterprise Data Administration $1,500 or 150 credits

Administering Splunk Enterprise Security $1,500 or 150 credits

Advanced SOAR Implementation $1,500 or 150 credits

Pro tip: Candidates who complete the learning path above are eligible for the Splunk SOAR
Certified Automation Developer certification exam.

IT ANALYST (IT SERVICE INTELLIGENCE)

The IT Analyst learning path teaches analysts to use Splunk IT Service Intelligence features,
such as Service Analyzer, Notable Events Review, Glass Tables, Deep Dives, KPI Alerts and
more.

COURSE PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Scheduling Reports and Alerts Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Visualizations Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Leveraging Lookups and Subsearches $500 or 50 credits

Search Under the Hood Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Intro to Knowledge Objects Free eLearning

Splunk Education | Student Handbook 16

 Enriching Data with Lookups $500 or 50 credits

Introduction to Dashboards Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits
*Equivalent retired courses include Fundamentals 1 and Fundamentals 2.

AND

COURSE PRICE

Using Splunk IT Service Intelligence $500 or 50 credits

IT ADMINISTRATOR (IT SERVICE INTELLIGENCE) ON-PREM

The IT Administrator learning path teaches admins to install, configure, and manage Splunk for
IT Service Intelligence (ITSI) on Splunk Enterprise.

COURSE PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Scheduling Reports and Alerts Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Visualizations Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Working with Time $500 or 50 credits

Leveraging Lookups and Subsearches $500 or 50 credits

Correlation Analysis $500 or 50 credits

Search Under the Hood Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Intro to Knowledge Objects Free eLearning

Creating Knowledge Objects $500 or 50 credits

Creating Field Extractions $500 or 50 credits

Splunk Education | Student Handbook 17

 Enriching Data with Lookups $500 or 50 credits

Data Models $500 or 50 credits

Introduction to Dashboards Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Dynamic Dashboards $500 or 50 credits

Search Optimization $500 or 50 credits

*Equivalent retired courses include Fundamentals 1 and Fundamentals 2.

AND

COURSE PRICE

Splunk Enterprise System Administration $1,000 or 100 credits

Splunk Enterprise Data Administration $1,500 or 150 credits

Implementing Splunk IT Service Intelligence $2,000 or 200 credits

Pro tip: Candidates who complete the learning path above are eligible for the Splunk IT Service
Intelligence Certified Admin certification exam.

IT ADMINISTRATOR (IT SERVICE INTELLIGENCE) CLOUD

The IT Administrator learning path teaches admins to configure and manage Splunk for IT
Service Intelligence (ITSI) on Splunk Cloud.

COURSE PRICE

What is Splunk? Free eLearning

Intro to Splunk Free eLearning

Using Fields Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Scheduling Reports and Alerts Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Visualizations Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Splunk Education | Student Handbook 18

 Working with Time $500 or 50 credits

Leveraging Lookups and Subsearches $500 or 50 credits

Correlation Analysis $500 or 50 credits

Search Under the Hood Free eLearning no labs or paid eLearning

with labs $500 or 50 credits

Intro to Knowledge Objects Free eLearning

Creating Knowledge Objects $500 or 50 credits

Creating Field Extractions $500 or 50 credits

Enriching Data with Lookups $500 or 50 credits

Data Models $500 or 50 credits

Introduction to Dashboards Free eLearning no labs or paid

eLearning/ILT with labs $500 or 50 credits

Dynamic Dashboards $500 or 50 credits

Search Optimization $500 or 50 credits

*Equivalent retired courses include Fundamentals 1 and Fundamentals 2.

AND

COURSE PRICE

Splunk Cloud Administration $2,000 or 200 credits

Implementing Splunk IT Service Intelligence $2,000 or 200 credits

Pro tip: Candidates who complete the learning path above are eligible for the Splunk IT Service
Intelligence Certified Admin certification exam.

SPLUNK OBSERVABILITY

The Observability learning path for Site Reliability Engineer (SRE), DevOps and Developer
includes individual courses that teach the core skills on Infrastructure Monitoring, Application
Performance Management, Log Observer, Synthetics, Real User Monitoring and On-Call.

Splunk Education | Student Handbook 19

COURSE PRICE

Introduction to Splunk Observability Free eLearning

Introduction to Splunk IM Free eLearning

Splunk Infrastructure Monitoring $500 or 50 credits

Fundamentals

Visualizing and Alerting in Splunk $500 or 50 credits

Infrastructure Monitoring

Automation Using the REST and SignalFlow $1,000 or 100 credits

API

Using the Splunk IM Terraform Provider $1,000 or 100 credits

Kubernetes Monitoring with Splunk $500 or 50 credits

Observability Cloud

Ingesting Application Metrics in Splunk IM $500 or 50 credits

Splunk Observability Cloud: Teams Free eLearning

Splunk Observability Cloud: Enterprise Free eLearning

Features

Using Splunk Application Performance $500 or 50 credits

Monitoring

Configuring Tracing and Profiling for Splunk $500 or 50 credits

APM

Using the Log Observer $500 or 50 credits

Using Splunk Synthetic Monitoring Free eLearning

Using Splunk Real User Monitoring (RUM) Free eLearning

Responding to Incidents in Splunk On-Call Free eLearning

Splunk On-Call Administration $500 or 50 credits

Splunk Education | Student Handbook 20

CERTIFICATION

Learners may also wish to pursue Splunk Certifications on their journey to Splunk mastery.
Certifications offer substantial benefits to the individual, including earnings of an average of
16% more than their industry peers. Organizations that invest in Certification earn faster time
to value and are more likely to renew and expand their license.

How do certifications differ from learning paths? In simplest terms, certifications are
credentials which verify a candidate’s Splunk skills at a specific level. Learning paths are a
series of recommended courses designed to educate learners on a set of skills. Many
certification candidates choose to complete learning paths on their journey to become Splunk
Certified, but—in most cases— these courses are not required to qualify for the certification
exam (Splunk Enterprise Certified Architect and Splunk Certified Consultant are exceptions to
this rule and do require course completion. See certification tracks for more details.)

Our program offerings are outlined in the following table. Exam registration costs $130 USD for
a single exam or $500 USD for a discounted bundle of five registrations. Organizations can
convert EDU credits (not including those included with Success Plans) to certification vouchers
by emailing [email protected]. For more details, including program policies,
requirements, registration, and fees, check out the Splunk Certification Candidate Handbook.

Certification Skills Related Products

Splunk Core Certified User Performs basic searches, uses fields, Splunk Enterprise
creates alerts, uses look-ups, and Splunk Cloud
creates basic statistical reports and
dashboards.

Splunk Core Certified Power User
Understands SPL searching and Splunk Enterprise
reporting commands and creates Splunk Cloud
knowledge objects, uses field aliases
and calculated fields, creates tags and
event types, uses macros, creates
workflow actions and data models, and
normalizes data with the Common
Information Model.

Splunk Core Certified Advanced Power User
Authors complex searches and Splunk Enterprise
reporting commands, implements Splunk Cloud
advanced use cases of knowledge
objects, and understands best
practices for building dashboards and
forms.

Splunk Education | Student Handbook 21

 Splunk Cloud Certified Admin
Splunk Enterprise Certified Admin
Splunk Enterprise Certified Architect
Splunk Core Certified Consultant
Splunk Certified Developer
Splunk Enterprise Security Certified Admin
Splunk IT Service Intelligence
Splunk SOAR Certified Automation Developer*
*Formerly referred to as Splunk Phantom Certified Admin
TRAINING CREDITS
Splunk Education | Student Handbook
Manages and configures details for Splunk Cloud
Splunk Cloud, including data inputs
and forwarder configuration, data
management, user accounts, and
basic monitoring and problem isolation.
Manages various components of Splunk Enterprise
Splunk Enterprise on a daily basis,
including license management,
indexers and search heads,
configuration, monitoring, and getting
data into Splunk.
Understands Splunk Deployment Splunk Enterprise
Methodology and best-practices for
planning, data collection, and sizing for
a distributed deployment.
Manages and troubleshoots a standard
distributed deployment with indexer
and search head clustering.
Understands Splunk Deployment Splunk Enterprise
Methodology and implementation in
large Splunk installations and has
expert-level knowledge of multi-tier
Splunk architectures, clustering, and
scalability topics.
Builds apps using the Splunk Web Splunk Enterprise
Framework.
Manages a Splunk Enterprise Security Splunk ES
environment, including ES event
processing and normalization,
deployment requirements, technology
add-ons, settings, risk analysis
settings, threat intelligence and
protocol intelligence configuration, and
customizations.
Installs and configures Splunk's app Splunk ITSI
for IT Service Intelligence (ITSI),
including ITSI architecture, deployment
planning, service design and
implementation, notable events, and
developing glass tables and deep
dives.
Installs, configures, and uses SOAR Splunk SOAR
servers and plans, designs, creates,
and debugs basic playbooks for
Splunk SOAR. Understands complex
SOAR solution development, and can
integrate SOAR with Splunk as well as
develop playbooks requiring custom
coding and REST API usage.
22
Splunk Education offers training credits to provide flexibility and volume discounts. Training
credits can be used for all education offerings, delivery methods and certification exam
vouchers*. Training credits can also be used by anyone within your organization to provide the
right training, at the right time, throughout the 12-month term.

Each training credit is valued at $10 USD. The number of training credits required for each
course and delivery method can be found in the pricing list and the volume discounts are
outlined below.

Training Credit Volume Discounts

Number of List Price Discount Final Price Example

Credits Per Credit Per Credit

1-2499 $10 0% 50 x $10.00

$10.00
= $500

2500-4999 $10 2% 2500 x $9.80

$9.80
= $24,500

5000-9999 $10 5% 5000 x $9.50

$9.50
= $47,500

10000+ $10 10% 10000 x $9.00

$9.00
= $90,000

*Please note, fifty (50) training credits can be converted to purchase a five-pack of certification
exam vouchers. Please send a request to [email protected] for assistance.

Splunk Education | Student Handbook 23

SPLUNK ENTERPRISE / CLOUD BASIC SUBSCRIPTION

Splunk Education Basic eLearning subscription allows everyone in your organization to fully
utilize Splunk. For one year, anyone within a designated @company.com domain(s) can be
successful by completing the self-paced eLearning courses included in the subscription. Please
view additional information here Splunk Education Basic Subscription Datasheet.

The learner has the option to complete one or two learning paths or they can register and
complete the courses of their choice.

Every learner should start with these three courses first:

● What is Splunk?
● Intro to Splunk
● Using Fields

Search Expert Learning Path (eLearning with Labs)

● Scheduling Reports and Alerts

● Visualizations
● Working with Time
● Statistical Processing
● Comparing Values
● Result Modification
● Leveraging Lookups and Subsearches
● Correlation Analysis
● Search Under the Hood
● Multivalue Fields

Knowledge Manager Learning Path (eLearning with Labs)

● Intro to Knowledge Objects

● Creating Knowledge Objects
● Creating Field Extractions
● Enriching Data with Lookups
● Data Models
● Introduction to Dashboards
● Dynamic Dashboards
● Creating Maps

An additional course that applies to both paths:

● Search Optimization

Please contact [email protected] for pricing.

Splunk Education | Student Handbook 24

COURSE REGISTRATION

To register for a Splunk Education course, all students must first create a Splunk.com account.
Any issues encountered in creating an account or logging into an account should be directed to
Splunk Support (we recommend calling your regional helpline for the quickest assistance).

There are several ways to pay/register for a course (instructions can also be found here):

ENROLLING USING EDU CREDITS/PASSKEY

1. Use the Catalog to browse by course or use the Schedule page to browse the
schedule for Instructor-Led-Training.
2. For eLearning classes, click the "Register" button. For live instructor-led classes
(virtual or classroom) click the dates in the time-zone/location that best suits your
schedule.
3. Please review the Terms and Conditions and check the box. Click "Register". You
can use the "Continue Shopping" link to add more classes to your cart.
4. Review the details on the page and, when ready, click "Checkout". You will be
prompted to login. If you do not have a Splunk.com account, you can create one
from the next screen.
5. Complete any missing fields.
6. Select the Training Passkey payment type and enter your passkey in that field. If you
do not know your passkey, please contact your internal coordinator.
7. Agree to the Terms and Conditions (yes—again!).
8. Click "Confirm Order". If your company has set the passkey to auto-approve your
registration will be confirmed immediately. Otherwise, the owner of your credits
account will receive a notification requesting approval. Your registration will be
tentative until the use of the credits is approved.

Splunk Education | Student Handbook 25

COURSE REGISTRATION (continued)

ENROLLING WITH A CREDIT CARD

1. Use the Catalog to browse by course or use the Classes page to browse the
schedule for Instructor-Led Training.
2. For eLearning classes, click the "Register" button. For live instructor-led classes
(virtual or classroom) click the dates in the time-zone/location that best suits your
schedule.
3. Be sure to read the Terms and Conditions and check the box. Click "Register". You
can use the "Continue Shopping" link to add more classes to your cart.
4. Review the details on the page and, when ready, click "Checkout". You will be
prompted to login. If you do not have a Splunk.com account, you can create one
from the next screen.
5. Complete any missing fields.
6. Select the "Credit Card" Payment Type and enter your card details
7. Agree to the Terms and Conditions, once more for good measure!
8. Click "Confirm Order". Your registration will automatically be confirmed!

ENROLLING WITH YOUR COMPANY’S BASIC ELEARNING SUBSCRIPTION

1. Use the Splunk Basic eLearning Subscription page for registration instructions.
2. Note that subscription pricing is not adjusted until you have added a course to your
cart and are logged in. Only eLearning courses are included in subscription
packages.

Splunk Education | Student Handbook 26

ACCESSING YOUR COURSE

Once you’ve registered for a course, you will receive a confirmation email at the email address
you used to create your Splunk Education account with specific instructions. Please carefully
review these instructions, as they may include a system compatibility check which should be
completed prior to the start date of the course. This is especially true for instructor-led
courses.

When you’re ready to access your course, visit your training profile. Courses you have
registered for will be displayed at the bottom of the page. If you are having problems finding
your courses, click the My Learning tab, and use the Filter Results drop-down to filter courses
by status. Once you have found the course, click the View Details button for additional
instructions.

Similarly, access eLearning courses as described above or directly from the confirmation
email you received. If accessing from your training profile, click the Resume
Course/Pathway button to launch it.

Before launching a course, we suggest you use the test link at https://splk.it/2TKvg6K to verify
that it will work with your system or network.

Splunk Education | Student Handbook 27

CANDIDATE SUPPORT/FAQ

Below are some of the most frequently-asked questions fielded by our Education Ops
Team. Please also refer to our Program Guide and Splunk Education FAQ for the most
up-to-date FAQ and information. Any questions not answered here can be directed to
[email protected] (regardless of region, this is our primary mailbox for
assistance).

Q: How much do courses cost?

A: Please see the Learning Paths and Appendix A for pricing and links to course descriptions
and durations. This information is also available via our pricing list.

Q: What is the difference between a learning path and a certification track?

A: Learning paths are designed to give students a comprehensive list of courses which includes
all the information they need to become a subject matter expert. Course prerequisites are
detailed on each of the course descriptions. See the Learning Paths and Appendix A for more
information. Splunk Certification develops exams and issues digital badges based on varying
levels of knowledge and competency with Splunk products. Most certifications do not require
course completion, but we do offer recommended coursework to candidates who do not have
on-the-job experience or knowledge. Highly technical tracks do include required prerequisite
courses which must be completed by all candidates, regardless of experience. For more
information, please refer to our Splunk Certification Candidate Handbook.

Q: I completed a course. How do I access my certificate of completion?

A: Please login here to access your completion certificates.

Q: I completed an eLearning and want to practice the labs again. Can I regain access?
A: Each eLearning with Labs registration comes with access to labs up to three times. Each lab
access lasts up to four hours. You can access the labs by launching the course from your
profile. Additional lab time cannot be granted. Please note, to receive a certificate of completion
for the eLearning course, you need to complete the course and all labs within one of the four
hour lab sessions.

Q: I want to use my course materials to study for a certification exam, but no longer have
them. Where can I download them?
A: Please send a request to [email protected] for assistance.

Splunk Education | Student Handbook 28

CANDIDATE SUPPORT/FAQ (continued)

Q: When do EDU credits expire? Is there a way to get an extension?

A: EDU credits expire 12 months from the date of purchase. This means that the courses must
begin prior to the expiration date. Splunk has released a training credit extension SKU
(EDU-UNIT-EXT) which enables customers to extend eligible training credits for an additional 12
months for only $2,500. This extension cannot be purchased with existing credits, cannot be
used for credits that were previously extended for any reason and must be purchased before
the expiration date.

Q: I have existing EDU credits. Can I use them for certification exam registration?
A: Yes! Fifty (50) training credits can be converted to purchase a five-pack of certification exam
vouchers. Please send a request to [email protected] for assistance. Partner credits
which were purchased at a discounted price of $5 USD per credit can be used, as well, with
(100) EDU credits equalling a five-pack of certification exam vouchers.

Q: In what languages are instructor-led courses available? In which time zones?

A: Our instructor-led courses are currently available for delivery in English, Spanish, French,
German, Portuguese, Japanese and Mandarin. We also have Authorized Learning Partners
(ALPs) who can deliver in French, Swedish, Norwegian, Danish, Italian, Spanish, Portuguese,
German, Polish, Japanese, Korean, Mandarin, Indonesian (Bahasa Indonesia), Thai and
Vietnamese. Translators can be hired, as needed (at the expense of the customer). Courses are
globally available in several time zones. Please note: the location for virtual courses indicates
the time zone for delivery.

Splunk Education | Student Handbook 29

SPLUNK POLICIES

Splunk Education Store Terms and Conditions

Splunk Privacy Policy

Splunk Terms of Use

The above policies are not included in full in the Education Handbook as they are subject
to change and are best referenced via our website to ensure the most current, accurate
information is available.

Splunk Education | Student Handbook 30

APPENDIX A

Here is a complete list of our current paid course offerings, in alphabetical order. Please
see here for a list of free training resources.

Each of the below courses may include prerequisite courses. These courses include modules
and hands-on labs. Please visit the course pages for more information including course
descriptions, public class schedules and registration information.

Unsure of which courses you need? Please review the Learning Paths here. Looking for
continuing education courses to recertify with Splunk Certification? Please see our
Recertification Policy for which courses qualify for each specific certification track.

COURSE (Paid Only) DURATION PRICE

(Hours)

Administering Spunk SOAR 3.5 $500 or 50 credits

Administering Splunk Enterprise Security 13.5 $1,500 or 150 credits

Advanced Dashboards and Visualizations 4.5 $500 or 50 credits

Architecting Splunk Enterprise Deployments 9 $1,500 or 150 credits

Automation Using the REST and SignalFlow API 9 $1,000 or 100 credits

Building Splunk Apps 9 $1,500 or 3 credit

Comparing Values 3 $500 or 50 credits

Configuring Tracing and Profiling for Splunk APM 3 $500 or 50 credits

Correlation Analysis 3 $500 or 50 credits

Creating Field Extractions 3 $500 or 50 credits

Creating Knowledge Objects 3 $500 or 50 credits

Creating Maps 3 $500 or 50 credits

Data Models 3 $500 or 50 credits

Developing SOAR Playbooks 9 $1,000 or 100 credits

Developing with Splunk’s REST API 9 $1,000 or 100 credits

Splunk Education | Student Handbook 31

Dynamic Dashboards 3 $500 or 50 credits

Enriching Data with Lookups 3 $500 or 50 credits

Implementing Splunk Data Stream Processor (DSP) 18 $2,000 or 200 credits

Implementing Splunk IT Service Intelligence 18 $2,000 or 200 credits

Implementing Splunk SmartStore 4.5 $500 or 50 credits

Ingesting Application Metrics in Splunk IM 4.5 $500 or 50 credits

Introduction to Dashboards* 3 $500 or 50 credits

Investigating Incidents with Splunk SOAR 3.5 $500 or 50 credits

Kubernetes Monitoring with Splunk Observability 3 $500 or 50 credits
Cloud

Leveraging Lookups and Sub-searches 3 $500 or 50 credits

Multivalue Fields 3 $500 or 50 credits

Result Modification 3 $500 or 50 credits

Scheduling Reports and Alerts* (eLearning with Labs) 3 $500 or 50 credits

Search Optimization 3 $500 or 50 credits

Search Under the Hood* (eLearning with Labs) 3 $500 or 50 credits

Splunk Cloud Administration 18 $2,000 or 200 credits

Splunk Cluster Administration 13.5 $1,500 or 150 credits

Splunk Deployment Practical Lab 24 $1,000 or 100 credits

Splunk Enterprise Data Administration 13.5 $1,500 or 150 credits

Splunk Enterprise System Administration 9 $1,000 or 100 credits

Splunk for Analytics and Data Science 13.5 $1,500 or 150 credits

Splunk Infrastructure Monitoring Fundamentals 4.5 $500 or 50 credits

Splunk On-Call Administration 4.5 $500 or 50 credits

Statistical Processing 3 $500 or 50 credits

Transitioning to Splunk Cloud 9 $1,000 or 100 credits

Splunk Education | Student Handbook 32

Troubleshooting Splunk Enterprise 9 $1,000 or 100 credits

Using Fields* 3 $500 or 50 credits

Using Splunk Application Performance Monitoring 4.5 $500 or 50 credits

Using Splunk Enterprise Security 13.5 $1,500 or 150 credits

Using Splunk IT Service Intelligence 4.5 $500 or 50 credits

Using Splunk Mission Control 4.5 $500 or 50 credits

Using the Log Observer 4.5 $500 or 50 credits

Using the Splunk IM Terraform Provider 9 $1,000 or 100 credits

Visualizations* (eLearning with Labs) 3 $500 or 50 credits

Visualizing and Alerting in Splunk Infrastructure 4.5 $500 or 50 credits
Monitoring

Working with Metrics in Splunk 9 $1,000 or 100 credits

Working with Time 3 $500 or 50 credits

* These courses are also available as free eLearning with no labs.

Splunk Education | Student Handbook 33