Splunk for Security Analysts

Rp700.000
  • Condition: New
  • Min. Order: 1 Item
  • Storefront: Applied Network Defense
Learn how to use Splunk to find threats, centralize data, and make sense of logs. Built for security analysts who want to learn Splunk… by security analysts who use Splunk every day.

Splunk is a data analysis platform that allows security practitioners to centralize data, search through it, correlate events, and create security analytics and dashboards. It’s also the most popular commercial SIEM used by security teams to perform investigations and threat hunting.

Splunk for Security Analysts will teach you how to use Splunk to onboard data, extract meaningful fields, and search through it using real security data to conduct security research and investigations. This course goes beyond the documentation to provide a diverse set of real-world security data that you’ll use to gain confidence with Splunk’s extensive capabilities.

Splunk for Security Analysts
Size: 4.26 GB
Contains: 178 Files, 67 Folders

You’ll Learn…
1. The Splunk Data Pipeline
- The components of a Splunk environment
- How data travels through Splunk
- Locations of Splunk configuration files, what they do, and their precedence
- Where to find and install apps
2. Data Onboarding
- Creating indexes for storing data
- Installing and configuring Universal Forwarders to ship logs to Splunk
- Onboarding security evidence sources such as Windows Event Logs, Linux OS logs, Apache Web Server logs, CSV files, and more
- Techniques for reliably onboarding custom data sources
- How to extract important fields from data streams
3. Finding and Exploring Data
- Understand different search modes for data matching
- Organize search results with the FIELDS, TABLE, and SORT commands
- Find uncommon values with the TOP and RARE commands
- Create new fields using the EVAL and REX commands
- Create calculations using the STATS, EVENTSTATS, and STREAMSTATS commands
- Display results in graphs with the CHART and TIMECHART commands
- Optimize Splunk queries for maximum performance
4. Enrichment and Advanced Filtering
- Enrich data with lookups from internal and external sources
- Perform searches within searches (subsearches)
5. Sharing, Scheduling, and Alerting
- Save searches and share results with other analysts
- Create ad-hoc and scheduled reports from queries
- Create alerts from queries
6. Visualization and Dashboards
- Build static dashboards to display query results and charts
- Build dynamic dashboards with options for changing the search time range and inputs
- Create custom drilldowns for pivoting from search results
- Explore Dashboard Studio to quickly create new dashboards visually
7. Throughout the course, you’ll also work through real-world security scenarios, including:
- Identifying look-a-like domains used for phishing
- Finding the first time a user logged into each system on the network
- Identifying password guessing attempts with failed logons
- Finding HTTP Connections to a web server’s IP addresses rather than its domain name
- Identifying high network bandwidth consumption from a baseline
- Searching multiple data sources for common indicators
- … and many more!

FOR EDUCATION PURPOSE ONLY!
