Using the Splunk REST API (DSRAPI)

 

Course Overview

Formerly Developing with Splunk's REST API.

This 9-hour course is designed for application developers and administrators that want to utilize the Splunk REST API. In this course, you will learn how to make REST API requests and parse the server responses. Major topics include authentication, server administration, and implementation of a variety of search types. You will also ingest data using the HTTP Event Collector and manage application data using the Key-Value Store.

Please note that this class may run over two days, with 4.5 hour sessions each day, with a total of nine hours of content.

Who should attend

Application developers and administrators.

Prerequisites

To be successful, students should have a solid understanding of the following:

Course Objectives

  • Describe the Splunk REST API
  • Manage servers and knowledge objects
  • Execute a search and retrieve results
  • Ingest events using the HTTP Event Collector
  • Use the Key-Value Store to manage data

Outline: Using the Splunk REST API (DSRAPI)

Topic 1 – Splunk REST API

  • Introduce REST
  • Review HTTP requests
  • Describe the Splunk REST API
  • Discuss authentication methods

Topic 2 – Response Data

  • Review HTTP responses
  • Describe the Atom specification
  • Demonstrate how to retrieve JSON
  • Explain how to parse a response

Topic 3 – Administration APIs

  • Introduce the administration APIs
  • Update configuration files
  • Work with indexes
  • Manage users

Topic 4 – Namespaces and Access Control

  • Introduce namespaces
  • Explain namespace use cases
  • Implement access control

Topic 5 – Search

  • Identify search components
  • Review search best practices
  • Create a search and retrieve results
  • Discuss oneshot searches

Topic 6 – Advanced Search

  • Utilize real-time searches
  • Summarize export searches
  • Construct saved searches
  • Understand search job management

Topic 7 – HTTP Event Collector

  • Describe the HTTP Event Collector
  • Explain token management
  • Explore data ingestion
  • Implement data acknowledgement

Topic 8 – Key-Value Store

  • Examine the Key-Value Store
  • Define and manage a collection
  • Create and manage records

Prices & Delivery methods

Online Training

Duration
9 hours

Price
  • Online Training: CAD 1,380
  • Online Training: US $ 1,000
  • Splunk Training Units: 100 SPC
Dates and Booking
Request a date
Classroom Training

Duration
9 hours

Price
  • Canada: CAD 1,380
  • Splunk Training Units: 100 SPC
Dates and Booking
Request a date

Click on town name or "Online Training" to book Schedule

Instructor-led Online Training:   This computer icon in the schedule indicates that this date/time will be conducted as Instructor-Led Online Training. If you have any questions about our online courses, feel free to contact us via phone or Email anytime.

United States

 Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Central Standard Time (CST) Enroll

Canada

 Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Pacific Daylight Time (PDT) Enroll
Online Training 09:00 Eastern Daylight Time (EDT) Enroll
Online Training 09:00 Central Standard Time (CST) Enroll