Splunk Training Provider Authorised Learning Partner Australia

Implementing Splunk IT Service Intelligence

The Implementing Splunk IT Service Intelligence course prepares consultants to install and configure Splunk’s app for IT Service Intelligence (ITSI).

Students will learn to use ITSI to monitor mission-critical services. Topics include ITSI architecture, deployment planning, installation, service design and implementation, configuring entities, notable events, and developing glass tables and deep dives.

Splunk Credit Value : 200

Duration : 18 hours over 4 days

Time : 9:00 am - 1:30 pm AEST

*Course discounts apply for Splunk Partners. Please use the currency convertor above to check for course pricing in your local currency.

Implementing Splunk IT Service Intelligence

Great attitude to the students, encourage questions. always attempt his best to answer them. there is a lot of material but he strive through it. willingness to go beyond to do his job, well done.

Participant, Cluster Administration

Implementing Splunk IT Service Intelligence - Course Topics

ITSI architecture and deployment
Installing ITSI
Designing Services – Discovery and best practices
Implementing services and entities
Configuring correlation searches and multi KPI alerts
Managing aggregration policies and anomaly detection
Troubleshooting and maintenance

Course Prerequisites

To be successful, the students should have a solid understanding of the following courses.

Splunk Fundamentals 1

Splunk Fundamentals 2

Splunk Fundamentals 3

or the following Single Subject Courses

What is Splunk
Intro to Splunk
Using Fields
Scheduling Reports and Alerts
Visualizations
Working with Time
Leveraging Lookups and Sub-searches
Correlation Analysis
Search Under the Hood
Search Optimization
Introduction to Knowledge Objects
Creating Knowledge Objects
Creating Field Extractions
Enriching Data with Lookups
Data Models
Introduction to Dashboards
Dynamic Dashboards

Students should also have completed the following courses.

Splunk Enterprise System Administration

Splunk Enterprise Data Administration

Implementing Splunk IT Service Intelligence - Audience

Anyone whose role requires them to create complex search queries, advanced data models and reports with Splunk who have limited exposure to regular expressions. Previous attendees have included Consultants, IT Administrators and Business Intelligence/Business Analysts.

Class Format

Instructor-led lecture with labs. Delivered via virtual classroom or at your site

Related Certifications

Splunk IT Service Intelligence Certified Admin

After completing Implementing Splunk IT Service Intelligence course you will be able to

Identify and design ITSI Services and KPI’s
Understand customer requirements, and translate into an ITSI implementation
Design and Implement Glass Tables
Create and Manage Notable Events
Configure Adaptive Thresholds and Anomaly Detection
Customize Deep Dive views
Work with Entities and Dependencies.

Implementing Splunk IT Service Intelligence - Course Objectives

Module 1 - Introducing ITSI

Identify ITSI features
Describe reasons for using ITSI
Examine the ITSI user interface

Module 2 - Glass Tables

Describe glass tables
Use glass tables
Design glass tables
Configure glass tables

Module 3 - Managing Notable Events

Define key notable events terms and their relationships
Describe examples of multi – KPI Alerts
Describe the notable events workflow
Work with notable events

Module 4 - Investigating Issues with Deep Dives

Describe deep dive concepts and their relationships
Use default deep dives
Create and customize new custom deep dives
Add and configure swim lanes
Custom views
Describe effective workflows for troubleshooting

Module 5 - Installing and Configuring ITSI

List ITSI hardware recommendations
Describe ITSI deployment options
Identify ITSI components
Describe the installation procedure
Identify data input options for ITSI
Add custom data to an ITSI deployment

Module 6 - Designing Services

Given customer requirements, plan an ITSI Implementation
Identify site entities

Module 7 - Data Audit and Base Searches

Use a data audit to identify service key performance indicators
Design base searches

Module 8 – Implementing Services

Use a service design to implement services in ITSI

Module 9 – Thresholds and Time Policies

Create KPI’s with static and adaptive thresholds
Use Time policies to define flexible thresholds

Module 10 – Entities and Dependencies

Using entities in KPI Searches
Defining dependencies

Module 11 – Correlation and Multi KPI Searches

Define new correlation searches
Define Multi KPI Alerts
Manage notable event storage

Module 12 – Aggregation Policies

Create new aggregation policies
Use smart mode

Module 13 – Anomaly Detection

Enable anomaly detection
Work with generated anomaly events

Module 14 – Access Control

Configure user access control
Create services level teams

Module 15 - Troubleshooting ITSI

Backup and restore
Maintenance mode

Splunk Course Schedules and Timezones

Ingeniq Course are delivered live and in English and provide access to customers spanning multiple timezones.

Dates and times displayed for each course are relative to Australian Eastern Time (AET).

AM Marked Splunk Courses

AM marked courses start at AET 9:00am and finish at AET 1:30pm and are optimal for customers in the following countries and areas;

UTC+10 including Australia (East Coast)
UCT+11/+12 including New Zealand and the Pacific Islands
UTC-8 including USA (West Coast), Canada (West Coast)
UTC-7 including USA (Mid West)

PM Marked Splunk Courses

PM marked courses usually starts at AEDT 12:00pm or AEST 11:00 am and are optimal for customers in the following countries and areas;

UTC+10 including Australia (East Coast)
UCT+11/+12 including New Zealand and the Pacific Islands
UTC-8 including USA (West Coast), Canada (West Coast)
UTC-7 including USA (Mid West)