Building Apps with Splunk 7.3

Building Apps with Splunk 7.3

Upcoming Classes


This two-day course focuses on Splunk Enterprise app development. It's designed for advanced users, administrators, and developers who want to create apps using the Splunk Web Framework. Major topics include planning app development, creating data generators and data inputs; the REST API, setup screens, KV Store, and app packaging.


  • Planning App Development
  • Creating Apps
  • Adding Data
  • Using the Splunk REST API
  • Creating a KV Store
  • Packaging Apps


2 Days


Module 1 – Planning App Development

  • Create a development environment
  • Improve app performance
  • Identify Splunk log files
  • Use security best practices
  • Create a data generator

Module 2 – Creating Apps

  • Define the web framework architecture
  • Identify ways to build Splunk apps
  • Manage apps ans add-ons
  • Create an app
  • Configure app properties
  • Create app navigation

Module 3 – Adding Data

  • List types of data inputs
  • Identify ways to add data
  • Define when to use a scripted input
  • Create a modular input

Module 4 – Using the REST API

  • Explain how the Splunk REST API works
  • Define API endpoints
  • Explain how KV Store works
  • Create a KV Store
  • Use lookups with a KV Store

Module 5 – Packaging Apps

  • Creating an app setup screen
  • Define search time precedence
  • Explain local and default differences
  • Package an app


  • Splunk Fundamentals 1 & 2
  • Creating Dashboards
  • Advanced Dashboards and Visualizations
  • System Administration with Splunk (recommended)
  • Recommended Skills
  • Experience with HTML, CSS, and XML
  • Experience with JavaScript
  • Using a terminal text editor (vi, Nano or similar)

Onsite Training

For groups of three or more

Request Quote

Public Training

AMER Pacific Time - Virtual

APAC Singapore - Virtual

EMEA Coordinated Universal Time (GMT) - Virtual

AMER Eastern Time - Virtual

Don't see a date that works for you?

Request Class