We recommend all candidates begin with our Splunk Core tracks, which contain knowledge and skills applicable to both Enterprise and Cloud customers.
For candidates to earn certifications with maximum efficiency, and to simplify the training process, we have designed Certification-Based Learning Paths for each. We also offer Fast Tracks for select certifications. Fast Tracks are bundles which enable candidates to complete all prerequisite certifications on the way to their goal certification.
Click on a certification or Learning Path to learn more.
A !Splunk Core Certified User is able to search, use fields, create alerts, use look-ups, and create basic statistical reports and dashboards in either the Splunk Enterprise or Splunk Cloud platforms. This foundational, entry-level certification demonstrates an individual's basic ability to navigate and use Splunk software.
A !Splunk Core Certified Power User has a basic understanding of SPL searching and reporting commands and can create knowledge objects, use field aliases and calculated fields, create tags and event types, use macros, create workflow actions and data models, and normalize data with the Common Information Model in either the Splunk Enterprise or Splunk Cloud platforms. This foundational, entry-level certification demonstrates an individual's foundational competence of Splunk’s core software.
A !Splunk Core Certified Advanced Power User has greater depth of knowledge and skills in complex searching and reporting commands, advanced use cases of knowledge objects, and best practices for building dashboards and forms. This certification demonstrates an individual’s ability to generate complex searches, reports, and dashboards with Splunk’s core software to get the most out of their data.
A !Splunk Cloud Certified Admin manages and configures details for Splunk Cloud, including data inputs and forwarder configuration, data management, user accounts, and basic monitoring and problem isolation. This certification demonstrates an individual's ability to support the day-to-day administration and health of a Splunk Cloud environment.
A !Splunk Enterprise Certified Admin manages various components of Splunk Enterprise on a daily basis, including license management, indexers and search heads, configuration, monitoring, and getting data into Splunk. This foundational, moderate-level certification, designed for Enterprise administrators, demonstrates an individual's ability to support the day-to-day administration and health of a Splunk Enterprise environment
A !Splunk Enterprise Certified Architect has a thorough understanding of Splunk Deployment Methodology and best-practices for planning, data collection, and sizing for a distributed deployment and is able to manage and troubleshoot a standard distributed deployment with indexer and search head clustering.
This highly technical certification, designed for Enterprise architects, demonstrates an individual's ability to deploy, manage, and troubleshoot complex Splunk Enterprise environments.
We also offer app-specific certifications for many of our most popular Splunk add-ons.
A !Splunk Certified Enterprise Security Admin manages a Splunk Enterprise Security environment, including ES event processing and normalization, deployment requirements, technology add-ons, settings, risk analysis settings, threat intelligence and protocol intelligence configuration, and customizations.
This app-specific certification, designed for Splunk Enterprise Security administrators, demonstrates an individual's ability to install, configure, and manage a Splunk Enterprise Security deployment.
A !Splunk IT Service Intelligence Certified Admin is able to search, use fields, create alerts, use look-ups, and create basic statistical reports and dashboards in either the Splunk Enterprise or Splunk Cloud platforms. This foundational, entry-level certification demonstrates an individual's basic ability to navigate and use Splunk software.
A !Splunk SOAR Certified Automation Developer installs, configures, and uses SOAR servers and plans, designs, creates, and debugs basic playbooks for Splunk SOAR. These highly skilled individuals are proficient in complex SOAR solution development, and can integrate SOAR with Splunk as well as develop playbooks requiring custom coding and REST API usage.
This certification demonstrates an individual's knowledge and skills in installing and configuring a SOAR server and integrating it with Splunk, as well as planning, designing, creating, and debugging playbooks.
Formerly referred to as Splunk Phantom Certified Admin
A !Splunk Certified Developer builds apps using the Splunk Web Framework. This certification, specifically designed for developers on the Splunk platform, demonstrates an individual's expertise in drilldowns, advanced behaviors and visualizations, planning, creating, and packaging apps, and REST endpoints.