Splunk Track for Enterprise Security - Ingeniq Training Courses
Learn to install, configure, manage, and use the Splunk App for Enterprise Security. Two learning paths cover both security analysts and Splunk administrators or architects.

For Enterprise Security End Users

This path prepares security practitioners to use Splunk Enterprise Security (ES). Students will use ES to identify and track security incidents, analyse security risks, and use predictive analytics and threat discovery.

Click on a course below to view a course description, class schedules, and register.

Fundamentals 1

This course teaches you how to search and navigate in Splunk, use fields, get statistics from your data, create reports, dashboards, lookups, and alerts. It will also introduce you to Splunk’s datasets features and Pivot interface.

Fundamentals 2

This course focuses on searching and reporting commands as well as on the creation of knowledge objects. Major topics include using transforming commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalizing data with the Common Interface Model (CIM).

Splunk Fundamentals 3

This course runs over 4 days and focuses on additional search commands as well as advanced use of knowledge objects. Major topics include advanced statistics and eval commands, advanced lookup topics, advanced alert actions, using regex and erex to extract fields, using spath to work with self-referencing data, creating nested macros and macros with event types, accelerating reports and data models.

Advanced Searching and Reporting with Splunk

This 18-hour course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts. Students are coached step by step through complex searches to produce final results. Major topics include the Splunk search process, using sub-searches, additional statistical commands and functions, formatting and calculating results, charting commands and options, correlating events, creating advanced lookups, and using DB Connect.

Using Splunk Enterprise Security

This course prepares security analysts and administrators to use the Splunk add-on for Enterprise Security (ES). Students will use ES to identify and track security incidents, analyse security risks, and use predictive analytics and threat discovery.