Using Splunk Mission Control (USMC)

Course code: USMC

Splunk Mission Control is a cloud-based, unified security operations platform. It brings together security data, analytics, and operations so that security teams can manage incidents across the entire event lifecycle. This 4.5-hour hands-on module introduces Mission Control and illustrates its benefits to security teams. You will learn how to triage, investigate, and respond to security incidents. You will also learn how to create new response plans and build customized dashboards to gain further insights into your data.

Professional
and certified lecturers

Internationally
recognized certifications

Wide range of technical
and soft skills courses

Great customer
service

Making courses
exactly to measure your needs

Course dates

Starting date: Upon request

Type: In-person/Virtual

Course duration: 1 day

Language: en/cz

Price without VAT: 535 EUR

Register

Starting
date
Place
Type Course
duration
Language Price without VAT
Upon request In-person/Virtual 1 day en/cz 535 EUR Register
G Guaranteed course

Didn't find a suitable date?

Write to us about listing an alternative tailor-made date.

Contact

Course description

  • Mission Control overview and architecture
  • Features, capabilities, and benefits
  • Triage notables in the analyst queue
  • Start a notable investigation
  • Use and create new response templates
  • Analyze security data using dashboards

Course structure

Topic 1 – Splunk Mission Control Overview

  • Introduce Splunk Mission Control
  • Discuss features and capabilities
  • Identify benefits to security teams
  • Review the overall architecture

Topic 2 – Triage, Investigate, & Respond

  • Triage, Investigate, & Respond
  • Search for notables and filter the analyst queue
  • Use response templates in a notable investigation
  • Add notes, files, artifacts, and critical evidence to a notable

Topic 3 – Response Templates

  • Select and apply a response template for a particular use case
  • Modify the template to fit the notable investigation use case
  • Edit and delete the phases and tasks of the template
  • Create a new response template

Topic 4 – Dashboards

  • Review how to manage and create dashboards
  • Configure ad-hoc and on-premises searches
  • Add source connections for 3rd-party data sources
  • Build visualizations and utilize user inputs
  • Save and export dashboards

Prerequisites

Required:

  • Using Splunk Enterprise Security (USES)

Do you need advice or a tailor-made course?

onas

product support

ComGate payment gateway MasterCard Logo Visa logo