Course Content
This 9-hour course focuses on Splunk app and add-on development. It's designed for application developers who want to create new apps for Splunk Enterprise and Splunk Cloud. Major topics include planning apps, building a data generator, creating custom search commands and REST endpoints, app packaging and deployment, and more.
Prerequisites
To be successful, students should have a solid understanding of the following:
- Splunk system administration
- Splunk data administration
- Python or a similar scripting language
Course Objectives
- Plan, build, and manage Splunk apps
- Create a data generator
- Develop a custom search command
- Extend the Splunk REST API
- Construct a workflow action
- Validate an app with AppInspect
- Package and deploy an app
Outline: Building Splunk Classic Apps (BAWS)
Topic 1 – Planning Apps
- Describe apps and add-ons
- Set up a development environment
- Improve app performance
- Use security best practices
Topic 2 – Adding Data
- List types of data inputs
- Explain modular vs scripted inputs
- Review types of knowledge objects
- Create a data generator
Topic 3 – Creating Apps
- Create a basic app
- Configure app properties
- Identify app components
- Manage apps and add-ons
Topic 4 – Custom Search Commands
- Identify search command types
- Create a search command
- Examine Splunk metadata
- Configure access control
Topic 5 – Custom REST Endpoints
- Identify REST handler types
- Create a REST endpoint
- Examine Splunk metadata
- Configure access control
Topic 6 – Custom Workflow Actions
- Identify workflow action types
- Create a workflow action
- Examine workflow action parameters
- Configure access control
Topic 7 – Packaging Apps
- Create an app setup page
- Explain config file precedence
- Use AppInspect to validate an app
- Produce a deployable app