Overview

This course is targeted towards Splunk On-call admins responsible for setting up incident response with Splunk On-Call. This 4.5-hour virtual course describes the tasks required to set up on-call teams, including defining schedules, on-call rotations and shifts. Learn to set-up and configure alerts and integrations. Create post incident review reports, track response metrics and customize reports. Use advanced features such as the Rules engine for advanced customization and configure webhook integrations. All concepts are taught using lectures and scenario-based hands-on activities.

Skills Covered

  • Set up Splunk On-Call teams
  • Set up integrations and configure alerts
  • Report on team activity and performance
  • Use the Rules engine to trigger custom alerts
  • Set up webhook integrations

Prerequisites

There are no prerequisites required to attend this course.

Target Audience

Everyone can attend.

Course Curriculum

Module 1: Getting Started with Users and Teams

  • Describe What Splunk On-Call is
  • Describe the flow of an alert/ incident in Splunk On-Call
  • Create a plan for incident response
  • Describe the layout of the On-Call User Interface
  • Create new users and teams
  • Create user paging (notification) policies
  • Create new Teams
  • Add users to teams

Module 2: Incident Response Through Team Rotations and Escalation Policies

  • Create on-call schedules
    • Add rotations
    • Add shifts
    • Add members
  • Build escalation policies to handle incidents

Module 3: Alert Rules Engine

  • Create Routing Keys to direct incoming alerts
  • Use the Alert Rule Engine to create alert rules
  • Use the Alert Rule Engine to transform fields

Module 4: Integrations

  • Select appropriate external Monitoring System integrations
  • Configure common Splunk On-Call integrations

Module 5: Reporting on Team Activity and Performance

  • Differentiate between the types of reports
  • Create a post-incident review report
  • Track response metrics
  • Customize on-call Review report
  • Track flow of incidents using the Incident Frequency report (Enterprise edition only)

Module 6: (Optional) Advanced Features

  • Use Terraform to manage On-Call
  • Use Maintenance Model
  • Use Conference Bridge
  • Use Alert Configurations

Dates & Locations

Let’s make it work for you

Can’t find a date that fits? Need to train your whole team? Looking for a discount?
Speak to one of our learning experts today.

x Clear all selections

July 13, 2026 - July 13, 2026

Location: Online
Modal: VILT
Availability: TBC
RM 2350
Trainocate exam and cert

Exam & Certification

This course is not associated with any Certification.

Training & Certification Guide

Frequently Asked Questions

Speak to a Training Consultant

All courses are HRD Claimable.
Get in touch with our team via the form or WhatsApp us on +6011-5119 6631

Preferred mode of training
Checkboxes