A Splunk Enterprise Security Certified Admin manages a Splunk Enterprise Security environment, including ES event processing and normalization, deployment requirements, technology add-ons, settings, risk analysis settings, threat intelligence and protocol intelligence configuration, and customizations. This certification demonstrates an individual's ability to install, configure, and manage a Splunk Enterprise Security deployment.
A complete and very detailed overview of all Splunk Certifications can be found in the Splunk Certification Candidate Handbook.
Candidates for the Splunk Enterprise Security Certified Admin exam are expected to have working knowledge and experience as either Splunk Cloud or Splunk Enterprise Administrators.
Recommended training for this certification
Candidates who wish to prepare for the Splunk Enterprise Security Certified Admin exam are recommended to complete the following module:
Splunk Enterprise Security Certified Admin Exam