Splunk Courses for Phantom Customers: Administering Phantom
This Splunk Courses for Phantom Customers: Administering Phantom training course prepares Information Technology and security practitioners to install, configure and use the Phantom server in their environment and will prepare developers to attend the playbook development course.
Our certification tracks offer an education for the Splunk customer and the partner personnel according to their areas of the responsibility. Splunk is software that indexes, manages and empowers you to search for information from any application, server or network device in the real-time.
Splunk classes are designed for particular roles such as the Splunk Administrator, Developer, User, Knowledge Manager, or the Architect. The Phantom platform merges the security infrastructure orchestration, playbook automation, and the case management capabilities to integrate the team, methods, and the tools together.
-
Module 1 – Introduction & Concepts
-
Module 2 –Installation
-
Module 3 – Initial Configuration
-
Module 4 – Apps and Assets
-
Module 5 – Data Ingestion
-
Module 6 – Containers and Events
-
Module 7 – Mission Control
- Lesson 1: Use Mission Control to work on events
- Lesson 2: Use indicators to find matching artifacts in multiple events
- Lesson 3: Manually run actions and examine action results
- Lesson 4: Manually run playbooks
- Lesson 5: Use the vault to store related files
- Lesson 6: Using the heads-up display
- Lesson 7: Using notes
-
Module 8 – Case Management and Workflows
-
Module 9 – Multi tenancy and Clustering
-
Module 10 –Maintenance and reporting
0.00 average based on 0 ratings
