Overview

The Intro to Splunk Enterprise course is designed to show you how to setup the SIEM solution Splunk for a small to medium enterprise, and use it to monitor systems used within an organization. By the end of this course you will understand the importance of logs and a SIEM solution, and be able to install, manage and utilize the basic functions of the SIEM solution Splunk Enterprise whilst understanding its core components.

Course Content

Overview

05:34
Logs and SIEM Overview
04:08
Splunk Overview
02:52
Splunk Components

Installation and Search

03:01
Installation
04:23
Search Application
05:41
Basic Search, Fields and Refining
04:30
Subsearches

Dashboarding and Analysis

08:31
Visualisations and Dashboarding

Save and Export Results

04:15
Generate and Export Reports
02:48
Outputlookup vs Outputcsv

Alerting

05:15
Alerts
10:00
WMI

Data Collection, Indexing and Archiving

03:59
Syslog
04:03
Universal Forwarder and Indexing
01:57
Licensing

Chapter 3

03:25
OS and Best Practices

Pivot Points

05:39
Intro to Data Models and Pivot Tables

Splunk Apps and Add-Ons

08:31
Splunk Apps and Add-Ons

Conclusion

00:53
Splunk Review

Course Description

The Intro to Splunk Enterprise course is designed to show you how to setup the SIEM solution Splunk for a small to medium enterprise, and use it to monitor systems used within an organization. By the end of this course you will understand the importance of logs and a SIEM solution, and be able to install, manage and utilize the basic functions of the SIEM solution Splunk Enterprise whilst understanding its core components.

Instructed By

Instructor Profile Image
Jai Minton
Instructor
Certificate Of Completion

Complete this course and earn a Splunk for Small to Medium Enterprises Certificate of Completion