Splunk Courses for Enterprise Security End-Users: Advanced Searching and Reporting
This Splunk Courses for Enterprise Security End-Users: Advanced Searching and Reporting training course focuses on more advanced search and reporting commands. The examples and hands-on challenges equip users to build robust searches, reports, and charts. Students are walked through complex searches, step by step, to the final results. Lessons cover optimizing searches, additional charting commands and functions, configuring and calculating results, and using combined searches and subsearches.
Splunk Enterprise Security is the nerve center of the security ecosystem, giving teams the insight to quickly detect and respond to internal and external attacks and to manage threats while minimizing risk. Splunk Enterprise Security is a premium security solution that requires a paid license.
Module 1 – Using Search Efficiently
- Lesson 1: Review search architecture
- Lesson 2: Understand how the components of a bucket (.tsidx and journal.gz files) are used
- Lesson 3: How bloom filters are used to improve search speed
- Lesson 4: Describe the parts of a search string
- Lesson 5: Understand the use of centralized vs. distributable commands
- Lesson 6: Create better searches
Module 2 – More Search Tuning
Module 3 – Manipulating and Filtering Data
Module 4 – Working with Multivalue Fields
Module 5 – Using Advanced Transactions
Module 6 – Working with Time
Module 7 – Combining Searches
Module 8 – Using Subsearches
Module 9 – Some Extra Tips