Administering Splunk Enterprise Security

Course code: SPLUNKAES

This 13.5-hour course prepares architects and systems administrators to install, configure and manage Splunk Enterprise Security. It covers ES event processing and normalization, deployment requirements, technology add-ons, settings, risk analysis settings, threat intelligence and protocol intelligence configuration, and customizations.

1 500 EUR

1 815 EUR including VAT

The earliest date from 10.10.2022

Selection of dates
daniel
Do you have a question?
+420 731 175 867 edu@edutrainings.cz

Professional
and certified lecturers

Internationally
recognized certifications

Wide range of technical
and soft skills courses

Great customer
service

Making courses
exactly to measure your needs

Course dates

Starting date: 10.10.2022

Type: Virtual

Course duration: 13h 30min

Language: en

Price without VAT: 1 500 EUR

Register

Starting date: 26.10.2022

Type: Virtual

Course duration: 13h 30min

Language: en

Price without VAT: 1 500 EUR

Register

Starting date: Individual

Type: Individual

Course duration: 3 days

Language: en

Price without VAT: 1 500 EUR

Register

Starting
date
Place
Type Course
duration
Language Price without VAT
10.10.2022 Virtual 13h 30min en 1 500 EUR Register
26.10.2022 Virtual 13h 30min en 1 500 EUR Register
Individual Individual 3 days en 1 500 EUR Register
G Guaranteed course

Didn't find a suitable date?

Write to us about listing an alternative tailor-made date.

Contact

Course structure

Module 1 – ES Introduction

  • Overview of ES features and concepts

Module 2 – Monitoring and Investigation

  • Security Posture
  • Incident Review
  • Notable events management

Module 3 – Security Intelligence

  • Overview of security intel tools

Module 4 – Forensics, Glass Tables and Navigation Control

  • Explore forensics dashboards
  • Examine glass tables
  • Configure navigation and dashboard permissions

Module 5 – ES Deployment

  • Identify deployment topologies
  • Examine the deployment checklist
  • Understand indexing strategy for ES
  • Understand ES Data Models

Module 6 – Installation and Configuration

  • Prepare a Splunk environment for installation
  • Download and install ES on a search head
  • Test a new install
  • Understand ES Splunk user accounts and roles
  • Post-install configuration tasks

Module 7 – Validating ES Data

  • Plan ES inputs
  • Configure technology add-ons

Module 8 – Custom Add-ons

  • Design a new add-on for custom data
  • Use the Add-on Builder to build a new add-on

Module 9 – Tuning Correlation Searches

  • Configure correlation search scheduling and sensitivity
  • Tune ES correlation searches

Module 10 – Creating Correlation Searches

  • Create a custom correlation search
  • Configuring adaptive responses
  • Search export/import

Module 11 – Lookups and Identity Management

  • Identify ES-specific lookups
  • Understand and configure lookup lists

Module 12 – Threat Intelligence Framework

  • Understand and configure threat intelligence
  • Configure user activity analysis

Prerequisites

To be successful, students should have a solid understanding of the following courses:

  • What is Splunk?
  • Intro to Splunk
  • Using Fields
  • Scheduling Reports and Alerts
  • Visualizations
  • Leveraging Lookups and Subsearches
  • Search Under the Hood
  • Introduction to Knowledge Objects
  • Creating Knowledge Objects
  • Creating Field Extractions
  • Enriching Data with Lookups
  • Data Models
  • Introduction to Dashboards
  • Dynamic Dashboards

Or the following legacy courses:

 

  • Splunk Fundamentals 1
  • Splunk Fundamentals 2

Students should also understand the following advanced coursework:

 

  • Splunk System Administration
  • Splunk Data Administration
  • Architecting Splunk Enterprise Deployments (recommended but not required)

Do you need advice or a tailor-made course?

daniel

Daniel Šťastný

product support

Follow-up courses

Free Splunk Fundamentals 1 en

Vendor: Splunk

Area: Big Data

Price from

0 EUR without VAT

Free Splunk User Behavior Analytics en

Vendor: Splunk

Area: Big Data

Price from

0 EUR without VAT

Advanced Searching and Reporting en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Splunk Infrastructure Overview en

Vendor: Splunk

Area: Big Data

Price from

0 EUR without VAT

Splunk for Analytics and Data Science en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Creating Dashboards with Splunk en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Splunk Cluster Administration en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Splunk Enterprise Data Administration en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Troubleshooting Splunk Enterprise en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Working with Metrics in Splunk en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Implementing Splunk Data Stream Processor (DSP) en

Vendor: Splunk

Area: Big Data

Price from

2 000 EUR without VAT

Splunk Cloud Administration en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Transitioning to Splunk Cloud en

Vendor: Splunk

Area: Big Data

Price from

500 EUR without VAT

Splunk Enterprise System Administration en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Splunk Enterprise System Administration en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Advanced Dashboards and Visualizations en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Building Splunk Apps en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Developing with Splunk’s REST API en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Administering Phantom en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Developing SOAR Playbooks en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Advanced Phantom Implementation en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Using Splunk Enterprise Security en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Using Splunk IT Service Intelligence en

Vendor: Splunk

Area: Big Data

Price from

500 EUR without VAT

Implementing Splunk IT Service Intelligence en

Vendor: Splunk

Area: Big Data

Price from

2 000 EUR without VAT

Implementing Splunk SmartStore en

Vendor: Splunk

Area: Big Data

Price from

500 EUR without VAT

Using Splunk Infrastructure Monitoring en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Kubernetes Monitoring with Splunk en

Vendor: Splunk

Area: Big Data

Price from

500 EUR without VAT

Automation Using the REST and SignalFlow APIs en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Using the Splunk Terraform Provider en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

ComGate payment gateway MasterCard Logo Visa logo