Advanced Phantom Implementation

Course code: SPLUNKAPI

This three-day virtual course is intended for experienced Phantom consultants who will be responsible for complex Phantom solution development. It prepares attendees to integrate Phantom with Splunk and to develop playbooks that require custom coding and REST API usage.

1 500 EUR

1 815 EUR including VAT

Do you have a question?
+420 731 175 867 edu@edutrainings.cz

Course dates

Starting date: Individual

Type: Individual

Course duration: 13h 30min

Language: en

Price without VAT: 1 500 EUR

Didn't find a suitable date?

Write to us about listing an alternative tailor-made date.

Contact

Course structure

Module 1 – Implementing Splunk and Phantom

  • Review of Phantom UI and concepts
  • Describe interactions between Splunk and Phantom
  • Identify key concepts and data flows
  • Pre-requisites for integration

Module 2 – Configuring External Splunk Search

  • Describe the benefits of externalizing search to Splunk
  • Configure the Phantom instance for externalization
  • Configure the Splunk instance for externalization
  • Use the Splunk app for Phantom Reporting

Module 3 – Sending Splunk Events to Phantom

  • Configure the Phantom Add-on for Splunk
  • Map CIM fields to CEF
  • Send Enterprise Security notables to Phantom
  • Automatically trigger Phantom playbooks for Splunk notables

Module 4 – Accessing Splunk from Phantom

  • Install and configure the Phantom App for Splunk
  • Ingest Splunk events into Phantom
  • Use Splunk search from playbooks
  • Update Splunk notable events

Module 5 – Custom Coding in Playbooks

  • Phantom coding best practices
  • Use custom function blocks
  • Use the Phantom API in custom code
  • Store and retrieve persistent data

Module 6 – Using Phantom REST

  • Use Django queries to search for data in Phantom
  • Use REST from other systems to access Phantom data
  • Use the HTTP app to execute REST from playbooks

Prerequisites

Skills and Classes:

  • Experience with Python programming
  • Administering Splunk Phantom
  • Developing Splunk Phantom Playbooks
  • Splunk Enterprise Data Administration, Splunk Enterprise System Administration, and Administering Splunk Enterprise Security OR equivalent Splunk Enterprise and Splunk Enterprise Security experience

Do you need advice or a tailor-made course?

Daniel Šťastný

product support

Follow-up courses

Free Splunk Fundamentals 1 en

Vendor: Splunk

Area: Big Data

Price from

0 EUR without VAT

Free Splunk User Behavior Analytics en

Vendor: Splunk

Area: Big Data

Price from

0 EUR without VAT

Advanced Searching and Reporting en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Splunk Infrastructure Overview en

Vendor: Splunk

Area: Big Data

Price from

0 EUR without VAT

Splunk for Analytics and Data Science en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Creating Dashboards with Splunk en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Splunk Cluster Administration en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Splunk Enterprise Data Administration en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Troubleshooting Splunk Enterprise en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Working with Metrics in Splunk en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Implementing Splunk Data Stream Processor (DSP) en

Vendor: Splunk

Area: Big Data

Price from

2 000 EUR without VAT

Splunk Cloud Administration en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Transitioning to Splunk Cloud en

Vendor: Splunk

Area: Big Data

Price from

500 EUR without VAT

Splunk Enterprise System Administration en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Advanced Dashboards and Visualizations en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Building Splunk Apps en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Developing with Splunk’s REST API en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Administering Phantom en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Developing SOAR Playbooks en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Administering Splunk Enterprise Security en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Using Splunk Enterprise Security en

Vendor: Splunk

Area: Big Data

Price from

1 500 EUR without VAT

Using Splunk IT Service Intelligence en

Vendor: Splunk

Area: Big Data

Price from

500 EUR without VAT

Implementing Splunk IT Service Intelligence en

Vendor: Splunk

Area: Big Data

Price from

2 000 EUR without VAT

Implementing Splunk SmartStore en

Vendor: Splunk

Area: Big Data

Price from

500 EUR without VAT

Using Splunk Infrastructure Monitoring en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Kubernetes Monitoring with Splunk en

Vendor: Splunk

Area: Big Data

Price from

500 EUR without VAT

Automation Using the REST and SignalFlow APIs en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT

Using the Splunk Terraform Provider en

Vendor: Splunk

Area: Big Data

Price from

1 000 EUR without VAT
