Administering Splunk ES


$1500 USD

About this course

With Splunk's growing popularity and demand, Splunk professionals are among the highest paid in the world. Splunk training is best suited for users who work with and administer big data. Analytics managers, machine learning professionals, systems administrators, and beginners looking to get into the field of analytics can benefit from Splunk training. Learning Splunk does not require a technical background, making it an appealing option for users with diverse educational backgrounds who are looking to get into the field of big data.

 

Number of jobs in the U.S. – 16,000+ (Source: LinkedIn)

U.S. national average salary – $125,571/year (Source: ZipRecruiter)

 

This is an advanced-level course for someone who has a good understanding of Splunk Administration. Students who don’t have any knowledge of Splunk Administration should first take the Splunk Admin Course. All topics of Splunk Enterprise Security training are covered in this course.

 

Prerequisite – Splunk Admin

Syllabus


Module 1
ES Introduction

• Overview of ES features and concepts

Module 2
Monitoring and Investigation

• Security Posture
• Incident Review
• Notable events management

Module 3
Security Intelligence

• Overview of security intel tools

Module 4
Forensics, Glass Tables and Navigation Control

• Explore forensics dashboards
• Examine glass tables
• Configure navigation and dashboard permissions

Module 5
ES Deployment

• Identify deployment topologies
• Examine the deployment checklist
• Understand indexing strategy for ES
• Understand ES Data Models

Module 6
Installation and Configuration

• Prepare a Splunk environment for installation
• Download and install ES on a search head
• Test a new install
• Understand ES Splunk user accounts and roles
• Post-install configuration tasks

Module 7
Validating ES Data

• Plan ES inputs
• Configure technology add-ons

Module 8
Custom Add-ons

• Design a new add-on for custom data
• Use the Add-on Builder to build a new add-on

Module 9
Tuning Correlation Searches

• Configure correlation search scheduling and sensitivity
• Tune ES correlation searches

Module 10
Creating Correlation Searches

• Create a custom correlation search
• Configure adaptive responses
• Search export/import

Module 11
Lookups and Identity Management

• Identify ES-specific lookups
• Understand and configure lookup lists

Module 12
Threat Intelligence Framework

• Understand and configure threat intelligence
• Configure user activity analysis