Enterprise IT Certification and Role-Based Mentoring
Get Free CounselingThreat detection, dashboarding, and incident response workflows. Built for team upskilling, internal projects, and enterprise delivery plans.
Path: Home > Programs > Cybersecurity > Splunk
Splunk Certification Roadmap
Presented in the same order as shared, so the roadmap is easy to follow and present professionally.
These focus on Splunk search and data analysis.
These are for Splunk administrators and infrastructure engineers.
These are important for SOC and cybersecurity roles.
These focus on monitoring applications and infrastructure.
Build a strong foundation of basic Splunk platform skills. You will be able to search, use fields and lookups, and create alerts and basic statistical reports and dashboards. This entry-level certification is ideal for either the Splunk Enterprise or Splunk Cloud platforms.
Extend your understanding of the Splunk platform as a power user. You will develop basic competence with searching and reporting commands and be able to create knowledge objects, tags, event types, workflow actions and data models. You will use field aliases, calculated fields and macros, and learn how to normalize data with the Common Information Model in the Splunk platform.
Deepen your knowledge and expand your skills in complex searching and reporting commands, advanced use cases for knowledge objects and best practices for building dashboards and forms. By completing this certification, you will demonstrate the ability to generate complex searches, reports and dashboards to help you get the most out of your data.
This certification builds competence in managing and configuring details for Splunk Cloud, including data inputs and forwarder configuration, data management, user accounts, basic monitoring and problem isolation. You will be able to support the day-to-day administration and health of your organization's Splunk Cloud environment.
Develop expertise in the daily management of Splunk Enterprise. From license management, indexers and search heads to configuration, monitoring and getting data into the Splunk platform, you will have the capabilities you need to administer and maintain the health of your organization's Splunk Enterprise environment.
Gain a thorough understanding of Splunk deployment methodology and best practices for planning, data collection and sizing of a distributed deployment. You will also be able to manage and troubleshoot a standard deployment with indexer and search head clustering.
Expand your understanding of Splunk deployment methodology and implementation for large Splunk platform installations. You will also gain expert-level knowledge of multi-tier Splunk architecture, clustering and scalability. With this certification, you will be able to properly size, install and implement Splunk software instances and advise others how to use the product for maximum value.
Enhance your ability to manage a Splunk Enterprise Security environment. Your expertise will include event processing and normalization, deployment requirements, technology add-ons, risk analysis settings, threat intelligence, protocol intelligence configuration and customizations. With this certification, you will be able to install, configure and manage a Splunk Enterprise Security deployment.
Grow your knowledge of monitoring mission-critical services with Splunk IT Service Intelligence. This certification teaches you to install and configure Splunk ITSI architecture, including deployment planning, service design and implementation, notable events and development of glass tables and deep dives.
Learn how to install, configure and use Splunk SOAR servers and plan, design, create and debug basic SOAR playbooks. You will gain expertise in complex SOAR solution development and will be able to integrate SOAR with the Splunk platform and develop playbooks requiring custom coding and REST API usage.
Enhance your Splunk Observability Cloud monitoring. You will take your work beyond logs and be able to use real-time monitoring at scale for every layer of the development environment. This certification path teaches you how to deploy and configure the OpenTelemetry Collector to send in metrics, find insights using analytics, visualize metrics, alert with detectors, and create efficient dashboards.
Grow your skills to be able to start as a SOC analyst using Splunk analytics, threat-hunting, risk-based alerting and industry best practices. You will be able to further your cybersecurity career and use cyber defense tools for continual monitoring as a security analyst. This certification path teaches you how to help protect businesses and mitigate risk, while managing vulnerabilities and threats using common types of cyber defense systems.
Get trainer availability, pricing, and delivery model based on your timeline.
Request Consultation