Splunk Power User Fast Start
- • Jun 15–18, 2026 · Live Remote Online, 9:00 AM–3:00 PM ET
- • Jul 20–23, 2026 · Live Remote Online, 10:00 AM–4:00 PM ET
- • Sep 14–17, 2026 · Live Remote Online, 12:00 PM–6:00 PM ET
- • Oct 20–23, 2026 · Live Remote Online, 9:00 AM–3:00 PM ET
- • Dec 7–10, 2026 · Live Remote Online, 10:00 AM–4:00 PM ET
Contact IT Dojo for current pricing, available dates, and a custom quote tailored to your team or organization.
Course Duration
4 Days
Audience
Employees of federal, state and local governments; and businesses working with the government.
Prerequisites
Students should have a solid understanding of how Splunk works and be able to create basic searches and visualizations. RECOMMENDED: Splunk Foundation Fast Start (SF-FS).
Course Description
This Splunk Power User Fast Start course covers over 60 commands, functions, and knowledge objects, giving users actionable information about searching best practices and knowledge management. Students learn to effectively use time in searches, work with different time zones, use transforming commands and eval functions to calculate statistics, compare field values, manipulate output, normalize fields, correlate and filter data from multiple sources, and create, manage, and share knowledge objects. The series consists of eight modules with 24 hours of content over four days.
Learning Objectives
- Utilize over 60 commands and functions to transform, manipulate, normalize, correlate, and filter data.
- Filter data using time modifiers and time commands and use formatting functions to accommodate various time formats.
- Calculate statistics using transforming commands and mathematical and statistical eval functions.
- Compare, manipulate, and normalize data using the eval command and an array of statistical, comparison, conditional, and formatting functions.
- Calculate co-occurrence between fields and analyze data from multiple datasets.
- Create, curate, manage, and share knowledge objects.
Course Outline
Topic 1 – Working with Time
- Formatting Time
- Comparing Index Time versus Search Time
- Using Time Commands
- Working with Time Zones
Topic 2 – Statistical Processing
- What is a Data Series?
- Transforming Data
- Manipulating Data with eval
- Formatting Data
Topic 3 – Comparing Values
- Using eval to Compare
- Filtering with where
Topic 4 – Result Modification
- Manipulating Output
- Modifying Results Sets
- Managing Missing Data
- Modifying Field Values
- Normalizing with eval
Topic 5 – Correlation Analysis
- Calculate Co-Occurrence Between Fields
- Analyze Multiple Datasets
Topic 6 – Intro to Knowledge Objects
- What are Knowledge Objects?
- Knowledge Object Settings
- Managing Knowledge Objects
Topic 7 – Creating Knowledge Objects
- Knowledge Objects and Search-time Operations
- Creating Event Types
- Using Event Type Builder
- Creating Workflow Actions
- Creating Tags and Aliases
- Creating Search Macros
Topic 8 – Creating Field Extractions
- Using the Field Extractor
- Creating Regex Field Extractions
- Creating Delimited Field Extractions
Topic 9 – Data Models
- Introducing Data Model Datasets
- Designing Data Models
- Creating a Pivot
- Accelerating Data Models
This Power User "Fast Start" course covers over 60 commands, functions, and knowledge objects to provide users with actionable information about searching best practices and knowledge management. Students will learn how to effectively utilize time in searches, work with different time zones, use transforming commands and eval functions to calculate statistics, compare field values with eval functions and eval expressions, manipulate output, normalize fields and field values, correlate and filter data from multiple sources, and create, manage, and share knowledge objects.
This series consists of eight modules with 24 hours of content over 4 days.
More advanced Splunk courses are available — contact us for details.
IT Dojo is headquartered in Virginia Beach, VA and serves DoD, Navy, and federal clients throughout Hampton Roads and nationwide. Looking for Splunk training near you? See our location-specific pages: Splunk Training in Virginia Beach and Splunk Training in Hampton Roads, Splunk Training in Northern Virginia, and Splunk Training in Washington DC.
Frequently Asked Questions
What does the Splunk Power User Fast Start course cover?
This course covers over 60 Splunk commands, functions, and knowledge objects across eight modules — working with time, statistical processing, comparing and modifying results, correlation analysis, and creating field extractions, data models, and knowledge objects. IT Dojo delivers it as live instructor-led training for federal, DoD, and corporate security professionals.
How long is IT Dojo's Splunk Power User Fast Start training?
Splunk Power User Fast Start is a 4 days course. It is available as live remote online instruction or on-site at your facility.
Is this course available as live remote online training?
Yes. IT Dojo offers Splunk Power User Fast Start as live remote online training led in real time by a certified instructor. On-site delivery at your government facility or contractor location is also available.
Does IT Dojo offer this training on-site at government or DoD facilities?
Yes. IT Dojo delivers Splunk Power User Fast Start on-site at government agencies, DoD commands, military installations, and contractor facilities. On-site training is ideal for teams and can be customized to your organization's workflows. Contact IT Dojo to schedule.
How do I register for this course?
IT Dojo training is employer sponsored. Your organization registers and pays for seats. To schedule Splunk Power User Fast Start for your team, contact IT Dojo via the Request Training form or call 757-216-3656.