Splunk is a leading log analytics tool. Imagine having access to all the logs generated by devices such as routers, switches, firewalls, servers, cloud services and desktops through a single user interface. At the individual device level these logs may not make much sense, but when you combine them they carry significant information about your entire network. When someone tries to hack a web server, they first need to scan the network, then look for vulnerabilities on the server, and finally compromise it. With tools like Splunk, one can write a simple query in SPL (Splunk Query Language) and get the desired information in a fraction of the time. Tools like Splunk give power to the IRT (Incident Response Team) as well as to SOC (Security Operations Center) team members.
Splunk is a market leader in the log analyzer and SIEM category. Many companies have started deploying Splunk to analyze a wide variety of information through a very easy-to-use interface. Most organizations use Splunk to monitor and analyze security-related events. Anyone with Splunk knowledge is a good candidate for a Security Analytics or SOC team. Apart from the other skills required to master security, one needs good analytics skills to become a top-notch security professional.
- How to install Splunk on Linux (CentOS)?
- How to send syslog messages to Splunk?
- How to send Firewall logs to Splunk?
- How to read local and remote files in Splunk?
- Learn in detail about SPL (Splunk Query Language).
- Create Dashboards based on user-defined criteria.
- How to configure and use alert mechanism?
- How to develop a simple app in Splunk?
To know more about the program pricing, just fill in the form. One of our representatives will get back to you with the requested information.
- Install Splunk Enterprise on Linux and Windows.
- Start the Splunk service from the terminal.
- Restart the Splunk service (daemon and web) from the command line as well as from Splunk Web.
- Upload logs to Splunk Enterprise using the Monitor and Upload methods.
- Basic SPL commands such as top, fields, table, dedup and regex.
- Create dashboards and reports in Splunk.
- Learn about visualization and how to write complex Splunk queries using advanced commands such as eval, stats and timechart.
- Schedule searches and create alerts (real-time and scheduled, with given conditions).
- Work with lookups and data models, and learn how to use them in searches.
- Create basic apps and add-ons.
- Include scripts in a Splunk app to modify its features.