SIEM Analyst Foundations with Splunk
1.0 Introduction
Welcome to the Introduction to Splunk Program! (0:29)
About the Instructor (1:18)
What to Expect (1:34)
Course Syllabus
Article - Splunk State of the Security 2022
2.0 SIEM Fundamentals
What exactly is a SIEM? (11:43)
Understanding why Monitoring, Detection, Logging and Collection matter in a SIEM platform (16:56)
UEBA (User Behavior Analytics) (7:21)
Business Scenario
Assignments
Quiz
3.0 Splunk Basics
What the Hell is Splunk and why do firms use Splunk? (6:25)
Defining Splunk Apps (12:46)
Navigating through Splunk Web and customizing your user settings (15:32)
Assignments
Quiz
4.0 Core Architecture
What is a Forwarder? (9:07)
What is an Indexer? (8:48)
What exactly is a Search Head? (9:02)
Full Data Pipeline Process (10:26)
Assignments
Quiz
Article - Splunk: Fast-track your multicloud monitoring initiative
5.0 Downloading and Installing Splunk Enterprise
Creating a Splunk and AWS Account (2:29)
Downloading Splunk Enterprise on a Linux Machine (17:53)
Configuring your AWS Instance and Logging into Splunk Web (6:04)
Assignments
Quiz
6.0 Basic Searching
Search and Reporting App Running Basic Searches (12:56)
Best practices for setting the time range (6:39)
Contents of Search Results and Saving your Search Results (5:26)
Assignments
Quiz
7.0 Ingesting Data
Learning the 3 primary ways to get data into Splunk (10:34)
Doing a static ingestion of our datasets for the lab environment (8:47)
Onboarding Data Using Lookup Table (12:02)
Assignments
Quiz
8.0 Search Language Fundamentals and Understanding Fields
Reviewing basic search commands (8:50)
Using the Following commands to perform searches: tables, rename fields, dedup & sort (12:12)
Search Best Practices (9:58)
Assignments
Quiz
Article - Elastic: Guide to high-volume data sources for SIEM
9.0 Using Basic Transforming Commands
The top command (6:19)
The rare command (3:11)
The stats command (8:19)
Assignments
Quiz
10.0 Creating Reports and Dashboards
Understanding what exactly a Report and a Dashboard is (6:44)
How to create Reports (7:46)
How to create Dashboards (17:49)
Capstone/Assignment
Quiz
Capstone Presentation tips and Tricks (7:41)
11.0 Creating Scheduled Reports and Alerts
Describing and Configuring Scheduled Reports (6:54)
Describing and Creating Alerts (6:02)
Capstone/Assignments
Quiz
12.0 Welcome to Part 2 of the Introduction Program!
What to Expect (1:59)
Overview of Part One of the Introduction Program (4:27)
Preparing to Start Part 2 of the Program (6:35)
Business Scenario Part 2
Assignment
13.0 More Transforming Commands and Visualizations
Using and understanding the Chart Command (14:13)
Using and understanding the Timechart Command (8:14)
Assignment
Quiz
14.0 How to Filter and Format Results
Understanding and using the Eval Command (9:43)
Learning to filter results by using the search and where commands (10:48)
Understanding and using the fillnull command (6:45)
Assignment
Quiz
Article - Microsoft Security: How the Cloud is Transforming Security Operations
15.0 Knowledge Objects, Tags and Event Types
Learning and understanding how to create and use field aliases (17:32)
Learning and understanding how to use calculated fields (8:47)
Understanding and using tags (10:47)
Describing and creating event types (6:13)
Learning how to create Workflows (7:37)
Assignment
Quiz
16.0 Understanding what and how to use a Data Model
Learning the differences between a data model and a pivot (6:10)
Creating a Data Model (15:17)
Creating a Pivot based off of a Data Model (5:47)
Assignment
Quiz
17.0 Using and Understanding the Common Information Model (CIM) Add-On
Understanding what the Splunk CIM is and why it is important (5:11)
Listing the knowledge objects that come with the Splunk CIM Add-On (4:41)
Assignment
Quiz
Capstone 2
Parting Words (1:12)
Bonus Content
Splunk Security Essentials (10:28)
18.0 Ingesting and Searching Windows Logs
How to properly onboard Windows Data (15:34)
Splunking Windows Logs (16:35)
Building Detection Rules from Windows Event Codes (15:34)
Assignment
Quiz