Arrow Electronics, Inc.

Splunk Certifications

certification banner

Companies benefit from certified employees because they work more efficiently, reduce IT system downtimes to a minimum and thus reduce external support costs and shorten response times.

Organizations who invest in Splunk Certifications earn faster time to value and are more likely to renew and expand their license.

At Arrow ECS Education, we have a full deck of Splunk program offerings, but the basics are provided here to help you to prepare your Splunk Certifications.

Splunk Partners: buy your Splunk courses from Arrow based on your Splunk Partner discount.

Splunk Core Certified Power User
What’s on the Exam

Splunk Core Certified Power User badgeThis next-level certification exam is a 57-minute, 65-question assessment which evaluates a candidate’s knowledge and skills of field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalizing data with the CIM. Candidates can expect an additional 3 minutes to review the exam agreement, for a total seat time of 60 minutes.

In order to be prepared for the certification exam, Splunk recommends following course:

Course Code
Course Title
Delivery Type
Duration

SPL_SUF

Using Fields

Classroom

0,96 Hours (0,12 days)

SPL_SWWT

Working with Time

Classroom

0,96 Hours (0,12 days)

SPL_SSP

Statistical Processing

Classroom

SPL_SCV

Comparing Values

Classroom

0,96 Hours (0,12 days)

SPL_SRM

Result Modification

Classroom

0,96 Hours (0,12 days)

SPL_SLLAS

Classroom

0,96 Hours (0,12 days)

SPL_SCLAS

Correlation Analysis

Classroom

1,44 Hours (0,18 days)

SPL_SCKO

Classroom

0,96 Hours (0,12 days)

SPL_SCFE

Classroom

0,96 Hours (0,12 days)

SPL_SDM

Data Models

Classroom

0,96 Hours (0,12 days)

SPL_SSO

Search Optimization

Classroom

0,96 Hours (0,12 days)

SPL_BSA

Building Splunk Apps

Classroom, Instructor Led Online

16 Hours (2 days)

SPL_DWSRA

Classroom

2,96 Hours (0,37 days)

Splunk Core Certified Advanced Power User

Courses to prepare for this certification:

Course Code
Course Title
Delivery Type
Duration

SPL_SUF

Using Fields

Classroom

0,96 Hours (0,12 days)

SPL_SWWT

Working with Time

Classroom

0,96 Hours (0,12 days)

SPL_SSP

Statistical Processing

Classroom

SPL_SCV

Comparing Values

Classroom

0,96 Hours (0,12 days)

SPL_SRM

Result Modification

Classroom

0,96 Hours (0,12 days)

SPL_SLLAS

Classroom

0,96 Hours (0,12 days)

SPL_SCLAS

Correlation Analysis

Classroom

1,44 Hours (0,18 days)

SPL_SMF

Multivalue Fields

Classroom

0,96 Hours (0,12 days)

SPL_SCKO

Classroom

0,96 Hours (0,12 days)

SPL_SCFE

Classroom

0,96 Hours (0,12 days)

SPL_SEDWL

Classroom

1,44 Hours (0,18 days)

SPL_SDM

Data Models

Classroom

0,96 Hours (0,12 days)

SPL_SITD

Classroom

0,96 Hours (0,12 days)

SPL_SDD

Dynamic Dashboards

Classroom

0,96 Hours (0,12 days)

SPL_SSO

Search Optimization

Classroom

0,96 Hours (0,12 days)

SPL_BSA

Building Splunk Apps

Classroom, Instructor Led Online

16 Hours (2 days)

SPL_DWSRA

Classroom

2,96 Hours (0,37 days)

Splunk Cloud Certified Admin

Courses to prepare for this certification:

Course Code
Course Title
Delivery Type
Duration

SPL_SUF

Using Fields

Classroom

0,96 Hours (0,12 days)

SPL_SWWT

Working with Time

Classroom

0,96 Hours (0,12 days)

SPL_SSP

Statistical Processing

Classroom

SPL_SCV

Comparing Values

Classroom

0,96 Hours (0,12 days)

SPL_SRM

Result Modification

Classroom

0,96 Hours (0,12 days)

SPL_SCLAS

Correlation Analysis

Classroom

1,44 Hours (0,18 days)

SPL_SCKO

Classroom

0,96 Hours (0,12 days)

SPL_SCFE

Classroom

0,96 Hours (0,12 days)

SPL_SDM

Data Models

Classroom

0,96 Hours (0,12 days)

SPL_TTSC

Classroom

16 Hours (2 days)

SPL_SCA

Classroom

32 Hours (4 days)

Splunk Enterprise Certified Admin
What’s on the Exam

Splunk Enterprise Certified Admin badgeThis upper-level certification exam is a 57-minute, 56-question assessment which evaluates a candidate’s knowledge and skills to manage various components of Splunk on a daily basis, including the health of the Splunk installation. Candidates can expect an additional 3 minutes to review the exam agreement, for a total seat time of 60 minutes.

It is recommended that candidates for this certification complete the lecture, hands-on labs, and quizzes that are part of the Splunk Enterprise System Administration and Splunk Enterprise Data Administration courses in order to be prepared for the certification exam.

Courses to prepare for this certification:

Course Code
Course Title
Delivery Type
Duration

SPL_SUF

Using Fields

Classroom

0,96 Hours (0,12 days)

SPL_SWWT

Working with Time

Classroom

0,96 Hours (0,12 days)

SPL_SSP

Statistical Processing

Classroom

SPL_SCV

Comparing Values

Classroom

0,96 Hours (0,12 days)

SPL_SRM

Result Modification

Classroom

0,96 Hours (0,12 days)

SPL_SCLAS

Correlation Analysis

Classroom

1,44 Hours (0,18 days)

SPL_SCKO

Classroom

0,96 Hours (0,12 days)

SPL_SCFE

Classroom

0,96 Hours (0,12 days)

SPL_SDM

Data Models

Classroom

0,96 Hours (0,12 days)

SPL_SESA9

Classroom, Instructor Led Online

16 Hours (2 days)

SPL_SE9DA

Classroom, Instructor Led Online

24 Hours (3 days)

The following content areas are general guidelines for the content to be included on the exam:

  • Splunk deployment overview
  • License management
  • Splunk apps
  • Splunk configuration files
  • Users, roles, and authentication
  • Getting data in
  • Distributed search
  • Introduction to Splunk clusters
  • Deploy forwarders with Forwarder Management
  • Configure common Splunk data inputs
  • Customize the input parsing process
Splunk Enterprise Certified Architect
What’s on the Exam

Splunk Enterprise Certified Architect badgeThis highly technical certification exam is an 87-minute, 85-question assessment which evaluates a candidate’s knowledge and skills in Splunk Deployment Methodology and best-practices for planning, data collection, and sizing, managing, and troubleshooting a standard with indexer and search head clustering. Candidates can expect an additional 3 minutes to review the exam agreement, for a total seat time of 90 minutes.

Candidates for this certification must complete the lecture, hands-on labs, and quizzes that are part of the Architecting Splunk Enterprise Deployments, Troubleshooting Splunk Enterprise, and Splunk Enterprise Cluster Administration courses, as well as the Splunk Enterprise Deployment Practical Lab in order to be eligible for the certification exam.

Courses to prepare for this certification:

Course Code
Course Title
Delivery Type
Duration

SPL_SUF

Using Fields

Classroom

0,96 Hours (0,12 days)

SPL_SWWT

Working with Time

Classroom

0,96 Hours (0,12 days)

SPL_SSP

Statistical Processing

Classroom

SPL_SCV

Comparing Values

Classroom

0,96 Hours (0,12 days)

SPL_SRM

Result Modification

Classroom

0,96 Hours (0,12 days)

SPL_SLLAS

Classroom

0,96 Hours (0,12 days)

SPL_SCLAS

Correlation Analysis

Classroom

1,44 Hours (0,18 days)

SPL_SMF

Multivalue Fields

Classroom

0,96 Hours (0,12 days)

SPL_SCKO

Classroom

0,96 Hours (0,12 days)

SPL_SCFE

Classroom

0,96 Hours (0,12 days)

SPL_SEDWL

Classroom

1,44 Hours (0,18 days)

SPL_SDM

Data Models

Classroom

0,96 Hours (0,12 days)

SPL_SESA9

Classroom, Instructor Led Online

16 Hours (2 days)

SPL_SE9DA

Classroom, Instructor Led Online

24 Hours (3 days)

SPL_TSE

Classroom

16 Hours (2 days)

SPL_SCLUA9

Classroom

24 Hours (3 days)

SPL_ASED

Classroom

2,96 Hours (0,37 days)

SPL_SEDPL

Classroom

1,28 Hours (0,16 days)

The following content areas are general guidelines for the content to be included on the exam:

  • Requirements definition
  • Index and infrastructure planning
  • Clustering Overview
  • Forwarder and Deployment
  • Integration
  • Splunk Support model
  • Splunk troubleshooting methods and tools
  • Clarifying the problem, installation, licensing, and crash problems
  • UI and search problems
  • Configuration problems
  • Deployment problems
  • User management problems
  • Large-scale Splunk deployment overview
  • Single-site (high-availability) indexer cluster, multi-site (disaster-recovery) indexer cluster
  • Indexer cluster management and administration
  • Indexer discovery forwarder configuration
  • Search head cluster
  • Search head cluster management and administration
  • KV Store collection and lookup management
Splunk Core Certified Consultant

Courses to prepare for this certification:

Course Code
Course Title
Delivery Type
Duration

SPL_SUF

Using Fields

Classroom

0,96 Hours (0,12 days)

SPL_SWWT

Working with Time

Classroom

0,96 Hours (0,12 days)

SPL_SSP

Statistical Processing

Classroom

SPL_SCV

Comparing Values

Classroom

0,96 Hours (0,12 days)

SPL_SRM

Result Modification

Classroom

0,96 Hours (0,12 days)

SPL_SLLAS

Classroom

0,96 Hours (0,12 days)

SPL_SCLAS

Correlation Analysis

Classroom

1,44 Hours (0,18 days)

SPL_SMF

Multivalue Fields

Classroom

0,96 Hours (0,12 days)

SPL_SCKO

Classroom

0,96 Hours (0,12 days)

SPL_SCFE

Classroom

0,96 Hours (0,12 days)

SPL_SEDWL

Classroom

1,44 Hours (0,18 days)

SPL_SDM

Data Models

Classroom

0,96 Hours (0,12 days)

SPL_SSO

Search Optimization

Classroom

0,96 Hours (0,12 days)

SPL_BSA

Building Splunk Apps

Classroom, Instructor Led Online

16 Hours (2 days)

SPL_DWSRA

Classroom

2,96 Hours (0,37 days)

SPL_SESA9

Classroom, Instructor Led Online

16 Hours (2 days)

SPL_SE9DA

Classroom, Instructor Led Online

24 Hours (3 days)

SPL_TSE

Classroom

16 Hours (2 days)

SPL_SCLUA9

Classroom

24 Hours (3 days)

SPL_ASED

Classroom

2,96 Hours (0,37 days)

SPL_SEDPL

Classroom

1,28 Hours (0,16 days)

Splunk Enterprise Security Certified Admin

Courses to prepare for this certification:

Course Code
Course Title
Delivery Type
Duration

SPL_SUF

Using Fields

Classroom

0,96 Hours (0,12 days)

SPL_SCKO

Classroom

0,96 Hours (0,12 days)

SPL_SCFE

Classroom

0,96 Hours (0,12 days)

SPL_SEDWL

Classroom

1,44 Hours (0,18 days)

SPL_SDM

Data Models

Classroom

0,96 Hours (0,12 days)

SPL_SITD

Classroom

0,96 Hours (0,12 days)

SPL_SESA9

Classroom, Instructor Led Online

16 Hours (2 days)

SPL_SE9DA

Classroom, Instructor Led Online

24 Hours (3 days)

SPL_SCA

Classroom

32 Hours (4 days)

SPL_ASES7

Classroom

24 Hours (3 days)

Splunk IT Service Intelligence

Courses to prepare for this certification:

Course Code
Course Title
Delivery Type
Duration

SPL_SUF

Using Fields

Classroom

0,96 Hours (0,12 days)

SPL_SWWT

Working with Time

Classroom

0,96 Hours (0,12 days)

SPL_SCLAS

Correlation Analysis

Classroom

1,44 Hours (0,18 days)

SPL_SCKO

Classroom

0,96 Hours (0,12 days)

SPL_SDM

Data Models

Classroom

0,96 Hours (0,12 days)

SPL_SITD

Classroom

0,96 Hours (0,12 days)

SPL_SESA9

Classroom, Instructor Led Online

16 Hours (2 days)

SPL_SE9DA

Classroom, Instructor Led Online

24 Hours (3 days)

SPL_SCA

Classroom

32 Hours (4 days)

SPL_ISITI411

Classroom

32 Hours (4 days)

Splunk SOAR Certified Automation Developer

Courses to prepare for this certification:

Course Code
Course Title
Delivery Type
Duration

SPL_ASS

Classroom

1,12 Hours (0,14 days)

SPL_IIWSS

Classroom

0,96 Hours (0,12 days)

SPL_SDSP

Classroom

2,96 Hours (0,37 days)

SPL_ASI

Classroom

4,48 Hours (0,56 days)

Splunk O11y Cloud Certified Metrics User

Courses to prepare for this certification:

Course Code
Course Title
Delivery Type
Duration

SPL_VASIM

Classroom

1,44 Hours (0,18 days)

SPL_IAMSOC

Classroom, Instructor Led Online

8 Hours (1 day)

Splunk Certified Cybersecurity Defense Analyst

Courses to prepare for this certification:

Course Code
Course Title
Delivery Type
Duration

SPL_SDM

Data Models

Classroom

0,96 Hours (0,12 days)

You can book and take available Splunk exams in a VUE test center of your choice.

The cost per test is approximately $130.00.

Here you will find further information:

 

REGISTRATION PROCESS

 

Splunk cert logo

Splunk ALP logo