Product Description

This eLearning module teaches students how to create visualizations in Splunk, using Splunk's Search Processing Language as well as the Splunk Web interface. Students will learn commands that allow data to be displayed on charts and graphs, transform geographic data into maps, create single value visualizations, and use Splunk's visual formatting options to change the look of statistical tables.

This module will take roughly three hours to complete.

This eLearning option is available with and without a lab option. If a student opts to take the option without a lab, the eLearning is free.



  • Intro to Splunk eLearning module

Course Objectives

  • Formatting data using transforming commands
  • Preparing data for use in visualizations
  • Generating maps using geographic data
  • Creating and customizing single value visualizations
  • Visually formatting statistical tables


Topic 1 – Formatting Commands

  • The fields command
  • The table command
  • The dedup command
  • The addtotals command
  • The fieldformat command

Topic 2 – Visualizing Data

  • Explore visualization types
  • Use transforming commands to order results into a data table:
    • top
    • rare
    • stats
    • chart
    • timechart
    • trendline
  • Understand when to use different transforming commands

Topic 3 – Generating Maps

  • Explore geographic visualization types
  • Use commands specific to geographic data
    • iplocation
    • geostats
    • geom
  • Prepare data for use in a choropleth map

Topic 4 – Single Value Visualizations

  • Use visual formatting options for single value visualizations
  • Add a sparkline to a single value visualization
  • Use the Trellis layout to split visualizations
  • Use the gauge command
  • Use the radial, filler, and marker gauge visualization types

Topic 5 – Visual Formatting

  • Explore formatting options for statistical tables
  • Create a chart overlay
  • Explore formatting options for different types of visualizations
Free offering