6.1 More to Learn


Time: 1 hour 59 minutes
Difficulty: Beginner
CEU/CPE: 2
Video Transcription
00:00
Hi. Before we begin our next and last video, which will be a review of the topics covered in this course, I wanted to discuss some other areas of study.
00:10
We've learned a lot in a short amount of time, but there's still so much more *** has to offer and so much more you're able to learn. In this video, I'll introduce some topics that I won't fully explain.
00:22
This is intended to help you look for things to study on your own.
00:27
As a reminder, Splunk does offer its own courses. Their first course is free, and I highly recommend that as a next step after finishing this one. It gets more in depth with search language timing, and it introduces some concepts we haven't covered, such as macros and lookups.
00:46
Running better and more complex searches is also a great next step.
00:51
We just touched the surface of what you can do. *** dot com has a great reference guide for learning other search commands. The fillnull command, for example,
01:00
can replace an empty field value with the value you want.
01:03
The makemv command can split field values. Lookup tables can store lists of information to compare to search results and do many other things with
01:12
search macros are portions of searches that could be reused and applied in other searches.
01:19
Summary indexing involves writing search or report
01:23
results to a unique index. They can help
01:26
improve reporting efficiency, and it has other uses.
01:30
The Common Information Model helps you normalize data by having field name and event tag standards that apply to different source types.
01:41
Again, this doesn't cover anywhere near everything, but gives you some good ideas.
01:48
A few ideas to study next on architecture
01:51
could be understanding how to set up a distributed *** environment
01:56
and
01:57
how to be able to set up a clustered environment.
02:00
Learning more about *** data storage, including buckets
02:06
and getting familiar with the files and file structure used
02:09
by Splunk could be another good direction.
02:12
You may also want to study how to load balance, such as having a forwarder be able to send to multiple indexers in case one is unreachable.
02:22
And
02:23
there's a lot to learn about hardware planning and best practices for Splunk.
02:29
You'll likely also want to spend some time browsing the many different apps and add-ons available on *** base,
02:36
and you may want to learn how to create your own apps.
02:39
As you use Splunk more,
02:43
you'll find the need to troubleshoot various problems that come up.
02:46
You might learn to use the command line tool called btool to help troubleshoot
02:52
configuration file issues.
02:53
You could look at the job inspector to try and evaluate search performance.
02:59
You could dig into splunkd or crash logs to try and identify issues.
03:04
You may also want to learn more about *** licensing, how to make intelligent purchases for your company, and lead Splunk-related projects.
03:12
You might also want to learn more about other Splunk products and identify ways to automate and streamline business activities.
03:20
These are just a few ideas.
03:23
You've already learned a lot,
03:23
and you should have a good foundation for moving forward with your *** goals.
03:29
And our next video will have a final review.
Up Next
Introduction to Splunk

This Splunk training class is designed to quickly introduce you to Splunk and its many capabilities.