Course Content

Module 1: Overview

05:34
1.1 Logs and SIEM Overview
04:08
1.2 Splunk Overview
02:52
1.3 Splunk Components

Module 2: Installation and Search

03:01
2.1 Installation
04:23
2.2 Search Application
05:41
2.3 Basic Search, Fields and Refining
04:30
2.4 Subsearches

Module 3: Dashboarding and Analysis

08:31
3.1 Visualisations and Dashboarding

Module 4: Save and Export Results

04:15
4.1 Generate and Export Reports
02:48
4.2 Outputlookup vs Outputcsv

Module 5: Alerting

05:15
5.1 Alerts
10:00
5.2 WMI

Module 6: Data Collection, Indexing and Archiving

03:59
6.1 Syslog
04:03
6.2 Universal Forwarder and Indexing
01:57
6.3 Licensing

Module 7: Chapter 3

03:25
7.1 OS and Best Practices

Module 8: Pivot Points

05:39
8.1 Intro to Data Models and Pivot Tables

Module 9: Splunk Apps and Add-Ons

08:31
9.1 Splunk Apps and Add-Ons

Module 10: Conclusion

00:53
10.1 Splunk Review

Course Description

The Intro to Splunk Enterprise course is designed to show you how to set up the SIEM solution Splunk for a small to medium enterprise and use it to monitor systems within an organization. By the end of this course you will understand the importance of logs and a SIEM solution, and be able to install, manage and utilize the basic functions of Splunk Enterprise while understanding its core components.