Who should attend
- Administrators
- Engineers
Certifications
This course is part of the following Certifications:
Prerequisites
To be successful, students should have a solid understanding of the following courses:
- Using Splunk Enterprise Security (USES)
- What is Splunk? (Retired)
- Intro to Splunk
- Using Fields (SUF)
- Intro to Knowledge Objects
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Splunk Enterprise System Administration (SESA)
- Splunk Enterprise Data Administration (SEDA)
Course Content
This 13.5-hour course prepares Security Administrators and Engineers to install and configure Splunk Enterprise Security (ES). It covers ES event processing and normalization, deployment requirements, technology add-ons, dashboard dependencies, data models, managing risk, and customizing threat intelligence.
Please note that this class may run over three days, with 4.5 hour sessions each day, to achieve the full 13.5 hours of course content.
Deutsch