Splunk Track for Enterprise Security - Ingeniq Training Courses
Learn to install, configure, manage, and use the Splunk App for Enterprise Security. Two learning paths cover both security analysts and Splunk administrators or architects.
Splunk Track for Enterprise Security, splunk Enterprise Security track, ingeniq splunk training for Enterprise Security
13458
page-template-default,page,page-id-13458,page-child,parent-pageid-13126,ajax_fade,page_not_loaded,,qode-theme-ver-1.5,wpb-js-composer js-comp-ver-4.3.5,vc_responsive

For Enterprise Security Administrators

Learn to install, configure, manage, and use the Splunk App for Enterprise Security. This path is intended for Splunk Administrators that manage Splunk Enterprise Security deployments

Click on a course below to view a course description, class schedules, and register.

Fundamentals 1 - Required Course

This course teaches you how to search and navigate in Splunk, use fields, get statistics from your data, create reports, dashboards, lookups, and alerts. It will also introduce you to Splunk’s datasets features and Pivot interface.

Fundamentals 2 - Required Course

This course focuses on searching and reporting commands as well as on the creation of knowledge objects. Major topics include using transforming commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalizing data with the Common Interface Model (CIM).

Advanced Searching & Reporting with Splunk - Optional Course

This 18 hour course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts. Students are coached step by step through complex searches to produce final results. Major topics include the Splunk search process, using sub-searches, additional statistical commands and functions, formatting and calculating results, charting commands and options, correlating events, creating advanced lookup, and using DB Connect.

Advanced Dashboard and Visualisations - Optional Course

This 12 hour splunk course is designed for power users who want to create advanced dashboards, forms, and visualizations. Major topics include editing simple XML, using tokens, global searches, event handlers, dynamic drilldowns, custom stylesheets and visualizations. Students will use best practices to build customized dashboards and forms.

Splunk Enterprise Data Administration - Required Course

This virtual 13.5 hour course is designed for system administrators who are responsible for getting data into Splunk Indexers. The course provides the fundamental knowledge of Splunk forwarders and methods to get remote data into Splunk indexers. It covers installation, configuration, management, monitoring, and troubleshooting of Splunk forwarders and Splunk Deployment Server components.

Splunk Enterprise System Administration - Required Course

This virtual 9 hour course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides the fundamental knowledge of Splunk license manager, indexers and search heads. It covers configuration, management, and monitoring core Splunk Enterprise components.

Architecting Enterprise Deployments - Required Course

This 12 hour course focuses on large enterprise deployments. Students will learn steps and best practices for planning, data collection, sizing and documenting a distributed deployment. Workshop-style labs offer students an opportunity to design a deployment based on a common distributed use case.

Administering the Splunk App for Enterprise Security - Required Course

This 12 hour course prepares architects and systems administrators to install, configure and manage the Splunk app for Enterprise Security. It covers ES event processing and normalisation, deployment requirements, technology add-ons, settings, and customisations.