Skip to main content
Splunk Lantern

Getting started with IT Essentials Learn


If you're new to monitoring IT data within Splunk, you might be asking a few questions right now:

  • Where do I begin?
  • Where can I see popular IT Ops use cases, all in one place, and decide what's best for me to use?
  • How can I see the product in action without getting data in?
  • How can I track my developing Splunk expertise and figure out the next step in my journey?

IT Essentials Learn is designed to guide you through all of these questions, by providing curated IT content with step-by-step guidance to help you quickly gain value from IT monitoring use cases with Splunk.

IT Essentials Learn offers a use case library with prebuilt search content to teach you how to use Splunk without actually using your own data. IT Essentials Work offers out-of-the-box customizable dashboards and capabilities to onboard your data once you're ready to work, with easy upgrade to ITSI — helping you visualize and execute on your IT monitoring maturity.

Where do I begin?

You'll arrive at a home page that provides an overview of available content to explore. You can easily jump into use cases and procedures (pre-built SPL searches), the My Progress tab or click into the IT Maturity Journey tool.


Where can I see popular IT Ops use cases?

The Investigate page is home to a growing library of 60+ procedures, spanning a variety of common IT monitoring use cases including AWS, Apache, VMware and more. You can browse through all available procedures for inspiration, or quickly pinpoint the procedure you’re looking for by filtering by use case, data source or IT Maturity Journey stage.

Procedures simplify your learning by focusing on a single IT task at a time — like tracking successful logins to a server — and providing all the information you need to learn how it works. Every procedure explains the importance of the task and situation that would require it, where it falls in the IT Maturity Journey, required SPL and which data sources are involved.


How do I see the product in action without getting data in?

Figuring out what use cases will work for you is a great first step, but often you'll want to see exactly what Splunk can do with your data before you go through the full process of getting data in. For every use case within IT Essentials Learn you can experiment with demo data as well as live data, helping you see first-hand exactly how Splunk works. Users can then run the search command in-app with live or demo data, creating the accompanying visualization to view and analyze.


How can I track my developing Splunk expertise and figure out the next step in my journey?

As you continue to learn and deploy procedures, the My Progress page helps you view and track your progress by visualizing the procedures you’ve successfully deployed. You can see an aggregated summary of your progress or dive deeper with the heat map view. Both views also allow for filtering by favorites, IT Maturity Journey stage, data source or deployment status. Tracking your progress means you can also set new goals for yourself as you continue developing your Splunk expertise.


The IT Maturity Journey page maps procedures to Splunk’s prescriptive value path, designed to help you better understand where you currently are in your journey and identify the next steps forward for an improved IT strategy. It maps four distinct stages — descriptive, diagnostic, predictive and prescriptive — to benefits, primary data sources, products and use cases that commonly fall at each stage. Regularly evaluating which stage your organization has reached is a key component to moving forward in your IT journey.


Next steps

IT Essentials Work is our more advanced free app that we recommend for you next. IT Essentials Work speeds up troubleshooting using log-based analysis and offers pre-built dashboards that are automatically populated once data is in Splunk. By correlating logs and metrics for each of your entities, you’re able to use that information to observe, investigate and understand the performance of your entities.

You can find out more about IT Essentials Work here.

Additionally, these Splunk resources might help you understand and implement the recommendations in this article: