Splunk Courses for Phantom Customers: Administering Phantom
This Splunk Courses for Phantom Customers: Administering Phantom training course prepares Information Technology and security practitioners to install, configure and use the Phantom server in their environment and will prepare developers to attend the playbook development course.
Our certification tracks offer an education for the Splunk customer and the partner personnel according to their areas of the responsibility. Splunk is software that indexes, manages and empowers you to search for information from any application, server or network device in the real-time.
Splunk classes are designed for particular roles such as the Splunk Administrator, Developer, User, Knowledge Manager, or the Architect. The Phantom platform merges the security infrastructure orchestration, playbook automation, and the case management capabilities to integrate the team, methods, and the tools together.
Module 1 – Introduction & Concepts
Module 2 –Installation
Module 3 – Initial Configuration
Module 4 – Apps and Assets
Module 5 – Data Ingestion
Module 6 – Containers and Events
Module 7 – Mission Control
- Lesson 1: Use Mission Control to work on events
- Lesson 2: Use indicators to find matching artifacts in multiple events
- Lesson 3: Manually run actions and examine action results
- Lesson 4: Manually run playbooks
- Lesson 5: Use the vault to store related files
- Lesson 6: Using the heads-up display
- Lesson 7: Using notes
Module 8 – Case Management and Workflows
Module 9 – Multi tenancy and Clustering
Module 10 –Maintenance and reporting
0.00 average based on 0 ratings