From Splunk to Dynatrace: Observability Modernization Workshop
Transforming Dashboards, Alerts & Logs with Real-World Scenarios
Duration
3 Day
Level
Advanced Level
Design and Tailor this course
As per your team needs
Overview
This advanced, hands-on training is designed for cross-functional teams involved in the migration of log and observability objects from Splunk to Dynatrace. The focus is on practical execution – converting Splunk dashboards, alerts, reports, macros, and lookups into their Dynatrace counterparts using industry best practices and native tooling.
Participants will gain direct, tool-based experience with:
- Mapping and migrating core Splunk content
- Building equivalent Dynatrace entities
- Designing log ingestion pipelines
- Setting up custom metrics, events, and dashboards in Dynatrace
This training assumes prior experience with observability platforms and will emphasize technical implementation over conceptual overviews.
Audience
- SREs and Observability Engineers
- Splunk Administrators
- Dynatrace Administrators
- Backend/Full-Stack Developers
- Solution Architects and Platform Engineers
Prerequisites
- Working knowledge of Splunk (alerts, dashboards, queries)
- Familiarity with Dynatrace (basic navigation, entities, metrics)
- Experience with observability/log management concepts
Curriculum
- Review: Splunk dashboards, panels, searches, macros, lookups, saved searches
- Object dependencies and reuse patterns in Splunk
- Exporting and analyzing JSON/XML definitions
- Hands-On:
- Identify and export key Splunk objects from a sample instance
- Analyze lookup table usage and macro dependencies
- Dynatrace metrics, custom events, problems, entities
- Log ingestion & processing pipeline (OneAgent, API, log shipper)
- Dashboards and tile configurations (classic vs Notebooks)
- Hands-On:
- Explore Dynatrace UI: logs, metrics, dashboards, problems
- Deploy log shipping setup (manual or API-based ingestion)
- Mapping Splunk to Dynatrace object equivalents
- Common gaps and feature mismatches
- Architecture considerations: agent-based vs agentless
- Hands-On:
- Create a migration mapping plan for sample Splunk objects
- Define pre-checklist for production readiness
- Translating Splunk SPL to Dynatrace DQL or metric expressions
- Rebuilding charts, filters, and layouts
- Managing data sources and filtering scopes
- Hands-On:
- Recreate 2–3 sample Splunk dashboards in Dynatrace
- Use templates, pin filters, and metadata tags
- Splunk alert structure vs Dynatrace alerting (problems, events)
- Custom metric-based alerts, log-based alerting
- Baseline behavior, thresholds, and automatic detection
- Hands-On:
- Migrate a saved search-based alert from Splunk to Dynatrace
- Set up a custom alert based on log content or service degradation
- Understanding Splunk lookups vs Dynatrace metadata enrichment
- Splunk macros vs Dynatrace variables / tagging logic
- Limitations and alternatives
- Hands-On:
- Emulate a lookup-based enrichment using custom entity tags
- Translate a macro-driven dashboard panel to Dynatrace logic
- OneAgent vs Log ingest API
- Custom parsing rules and log enrichment
- Integration with Fluent Bit, Logstash (if needed)
- Hands-On:
- Send logs via API and parse with Dynatrace rules
- Apply rules for value extraction and tagging
- Dynatrace API for dashboards, events, metrics
- Automating alert creation and tag assignment
- Scripting object migrations
- Hands-On:
- Create Dynatrace dashboard via API
- Batch tag services or hosts using scripting
- Documentation and version control of observability artifacts
- Monitoring migration success
- Stakeholder communication and team coordination
- Hands-On:
- Build a reusable migration tracker template
- Conduct a simulated end-to-end dashboard migration review
Duration
3 Day
Level
Advanced Level
Design and Tailor this course
As per your team needs
