Splunk On-Call Administration (SOCA)

 

Course Content

This course is targeted towards Splunk On-Call admins responsible for setting up incident response with Splunk On-Call. This 4.5-hour virtual course describes the tasks required to set up on-call teams, including defining schedules, on-call rotations and shifts. Learn to set up and configure alerts and integrations. Explore post-incident review reports, track response metrics and customize reports. Use advanced features such as the Rules Engine for advanced customization and configure webhook integrations. Learn the concepts and apply the knowledge through interactive lectures, discussions, and hands-on exercises.

Who should attend

  • Site Reliability Engineer
  • IT/Ops

Prerequisites

  • Familiar with On-Call

Outline: Splunk On-Call Administration (SOCA)

Module 1 – Getting Started with Users and Teams

  • Describe what Splunk On-Call is
  • Describe the flow of an alert/incident in Splunk On-Call
  • Create a plan for incident response
  • Describe the layout of the On-Call User Interface
  • Create new users and teams
  • Create user paging (notification) policies
  • Create new Teams
  • Add users to teams

Module 2 – Incident Response Through Team Rotations and Escalation Policies

  • Create on-call schedules
    • Add rotations
    • Add shifts
    • Add members
  • Build escalation policies to handle incidents

Module 3 – Alert Rules Engine

  • Create Routing Keys to direct incoming alerts
  • Use the Alert Rule Engine to create alert rules
  • Use the Alert Rule Engine to transform fields

Module 4 – Integrations

  • Select appropriate external Monitoring System integrations
  • Configure common Splunk On-Call integrations

Module 5 – Reporting on Team Activity and Performance

  • Differentiate between the types of reports
  • Create a post-incident review report
  • Track response metrics
  • Customize on-call Review report
  • Track flow of incidents using the Incident Frequency report (Enterprise edition only)

Module 6 – (optional) Advanced Features

  • Use Terraform to manage On-Call
  • Use Maintenance Mode
  • Use Conference Bridge
  • Use Alert Configurations

Prices & Delivery methods

Online Training

Duration
4.5 hours

Price
  • US $ 500
  • Splunk Training Units: 50 SPC

Classroom Training

Duration
4.5 hours

Price
  • United States: US $ 500
  • Splunk Training Units: 50 SPC

Schedule

Classroom Training: This is an Instructor-Led Classroom course.

Instructor-led Online Training: This is an Instructor-Led Online (ILO) course. These sessions are conducted via WebEx in a VoIP environment and require an internet connection and a headset with microphone connected to your computer or laptop. If you have any questions about our online courses, feel free to contact us via phone or email anytime.

Germany

  • Hamburg
  • Online Training (time zone: Central European Summer Time, CEST)
  • Berlin