Enterprise Security End Users - Splunk Learning Tracks
Learn to install, configure, manage, and use the Splunk App for Enterprise Security. Two learning paths cover both security analysts and Splunk administrators or architects.
Splunk Track for Enterprise Security, splunk Enterprise Security track, ingeniq splunk training for Enterprise Security
page-template-default,page,page-id-15585,page-child,parent-pageid-13126,ajax_fade,page_not_loaded,,qode-theme-ver-1.5,wpb-js-composer js-comp-ver-4.3.5,vc_responsive

For Enterprise Security End Users

This path prepares security practitioners to use splunk Enterprise Security (ES). Students will use ES to identify and track security incidents, analyse security risks, use predictive analytics and threat discovery.

Click on a course below to view a course description, class schedules, and register.

Splunk Fundamentals 1

This self-paced e-learning teaches you how to search and navigate in Splunk, use fields, get statistics from your data, create reports, dashboards, lookups, and alerts. It will also introduce you to Splunk’s datasets features and Pivot interface.

Splunk Fundamentals 2

This course focuses on searching and reporting commands as well as on the creation of knowledge objects. Major topics include using transforming commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalizing data with the Common Interface Model (CIM).

Splunk Fundamentals 3

This course runs over 4 days and focuses on additional search commands as well as advanced use of knowledge objects. Major topics include advanced statistics and eval commands, advanced lookup topics, advanced alert actions, using regex and erex to extract fields, using spath to work with self-referencing data, creating nested macros and macros with event types, accelerating reports and data models.

Advanced Searching and Reporting

This 13.5 hour Splunk course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts. Students are coached step by step through complex searches to produce final results. Major topics include optimizing searches, additional charting commands and functions, formatting and calculating results, correlating events, and using combined searches and sub-searches.

Using Enterprise Security

This 3 virtual day course (13.5 hours) prepares security practitioners to track security incidents, analyse security risks, use predictive analytics, and threat discovery. It covers the use of Enterprise Security’s dashboards, forms and workflow to identify, find root cause and resolve security issues.