Building Apps with Splunk 9.0
Summary
This 6-hour course focuses on Splunk Enterprise app development. It's designed for advanced users, administrators, and developers who want to create apps for Splunk Enterprise and Splunk Cloud. Major topics include planning apps, building data generators, adding data, creating custom search commands and REST endpoints, using the KV Store, app vetting using AppInspect and app packaging.
Objectives
Topic 1 – Planning Apps
- Set up a development environment
- Improve app performance
- Identify Splunk log files
- Create a data generator
Topic 2 – Creating Apps
- Create an app
- Configure app properties
- Create app navigation
- Add app icons and logos
Topic 3 – Adding Data
- Identify ways to add data
- Explain modular vs scripted inputs
- Understand data normalization
- Review Add-on Builder
Topic 4 – Packaging Apps
- Creating an app setup page
- Define config file precedence
- Validate an app for Cloud with AppInspect
- Package an app
Prerequisites
To be successful, students should have a solid understanding of the following courses:
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Creating Dashboards
- What Is Splunk?
- Intro to Splunk
- Using Fields
- Visualizations
- Leveraging Lookups and Subsearches
- Correlation Analysis
- Search Under the Hood
- Introduction to Knowledge Objects
- Creating Knowledge Objects
- Creating Field Extractions
- Enriching Data with Lookups
- Introduction to Dashboards
- Dynamic Dashboards
- Advanced Dashboards & Visualizations
- Splunk System Administration (recommended)
