Splunk For SOC Analysts (New Course) [2023]

Focused View

Rishabh Gupta

9:10:34

103 View

01 - About the course

001 About the course.mp4

01:14

02 - About Splunk

001 About Splunk.mp4

03:01

002 Splunk Enterprise as a SIEM.mp4

00:34

003 Splunk segments of data pipeline.mp4

06:32

004 Splunk Components.mp4

07:02

005 Splunk Components mapping with Data pipeline segments.mp4

01:16

006 Splunk Sample Architecture.mp4

13:24

007 Conclusion Of Various Splunk Architecture Discussion.mp4

01:05

03 - Splunk Enterprise Security App Overview

001 Splunk Enterprise Security App - premium App.mp4

02:03

04 - Splunk Home Lab Setup - Windows Based On Azure

001 How to create an account in azure.mp4

02:36

002 How to apply for Splunk Enterprise Developer License.html

003 Creation of Windows VM on Azure using free Azure Credit.mp4

07:40

004 Splunk Enterprise Installation On Windows Machine.mp4

05:05

005 Splunk Developer license upload and other configuration - Windows Instance.mp4

04:14

external-links.txt

05 - Splunk home lab setup - Linux Based on VM Ware

001 Splunk Installation on Linux Machine (Centos).mp4

09:36

002 Splunk Developer License Upload & Other Configurations - Linux instance.mp4

05:29

06 - Splunk default ports

001 Splunk default ports.mp4

01:22

07 - Splunk directory structure

001 Splunk directory structure.mp4

05:09

08 - Splunk Configuration (.conf) files

001 Splunk Configuration (.conf) files.mp4

03:26

external-links.txt

09 - Splunk App

001 Splunk App.mp4

03:03

external-links.txt

10 - Lab 2 Simulation of Event Generation

001 SA-Eventgen App installtion and index creation in Splunk - Windows.mp4

07:53

002 SA- Eventgen App installation on Splunk (Linux).mp4

09:19

external-links.txt

11 - Splunk GUI Overview

001 Splunk GUI Overview.mp4

25:20

002 Available options of time ranges and abbreviations in searches.mp4

08:37

12 - Splunk Search Timeline Controls

001 Splunk Search Timeline Controls.mp4

03:28

002 Available options of time ranges and abbreviations in search bar.mp4

08:37

13 - Search Language Syntax concepts

001 Search Language Syntax concepts.mp4

10:20

14 - Case Sensitivity During Splunk Search

001 Case Sensitivity During Splunk Search.mp4

02:39

15 - Lab 3 How to upload and investigate logs in Splunk

001 Investigation file - iis logs upload.mp4

12:22

001 exchange-2016-iis.zip

002 How to upload csv (or any other structured) file in Splunk.mp4

05:28

002 nutrients.csv

16 - Lab 4 Monitor your own OS logs

001 Monitoring of own machines OS logs.mp4

04:53

17 - Splunk App In Detail With An Example From Splunk Base

001 Splunk App In Detail With An Example Of Paloalto Addon Installation.mp4

23:51

external-links.txt

18 - Splunk Configuration In Detail With An Example

001 Splunk Configuration In Detail With An Example.mp4

08:52

19 - Lab 5 Manual parsing of logs

001 Manual parsing of logs.html

external-links.txt

20 - Lab 6 How to monitor file path Example of csv file extraction

001 How to monitor file path and example of CSV file extraction.html

001 vmware-inventory.csv

external-links.txt

21 - Splunk Role Based Access

001 Splunk role based access.mp4

16:21

22 - lookup, lookup definition, automatic lookup

001 apache-httpstatus.csv

001 lookup, lookup definition, automatic lookup.html

external-links.txt

23 - Splunk Important Commands

001 commands intro.mp4

00:57

002 table commands.mp4

03:27

003 fields command.mp4

04:12

004 head command.mp4

03:30

005 tail command.mp4

01:22

006 top & rare command.mp4

03:13

007 stats command.mp4

09:52

008 timechart command.mp4

04:09

009 chart command.mp4

01:54

010 eventstats command.mp4

02:13

011 dedup command.mp4

02:17

012 sort & rename command.mp4

02:15

013 iconify command.mp4

00:43

014 highlight command.mp4

00:25

24 - Lookup Editor App Installation

001 Lookup Editor App Installation.mp4

01:32

25 - Some more search commands

001 inputlookup , outpulookup , lookup, append, rex, fillnull, transpose command.mp4

24:00

26 - Splunk KV Store (Key Value Store)

001 Splunk KV Store.mp4

07:40

27 - Installation of Splunk Add-on for Microsoft Windows

001 Installation of Splunk Add-on for Microsoft Windows.mp4

05:14

28 - Some More Splunk Search Commands

001 eval command.mp4

16:14

002 where command and Boolean operator precedence.mp4

05:16

003 multivalue functions eval command mvexpand command.mp4

09:08

29 - Types of Search Commands

001 Types of search commands and processing attributes.mp4

07:01

30 - Splunk data life cycle stages in term of buckets

001 Splunk data life cycle stages in term of buckets.mp4

05:19

31 - General Search Practices

001 General Search Practices.mp4

06:00

32 - App Creation from GUI

001 App Creation from GUI.mp4

03:11

33 - Field extractions

001 Field extractions.mp4

12:05

34 - Report & Alerts

001 Report & Alerts.mp4

12:08

35 - Some more Splunk search commands

001 iplocation and geostats command.mp4

08:23

36 - Splunk Dashboard Creation

001 Dashboard.mp4

41:46

37 - Splunk Dashboard Optimization Using Base Search

001 Dashboard Optimization.mp4

08:45

38 - Splunk Macros

001 Splunk Macros.mp4

15:42

39 - Splunk Eventtypes

001 Splunk Eventtypes.mp4

07:35

40 - Resources For Splunk Alert Use-cases & Threat Hunting Hypothesis Creation

001 research.splunk.com.mp4

03:35

external-links.txt

41 - Splunk Enterprise Security

001 Splunk Enterprise Security Part 1.mp4

14:34

002 Splunk Enterprise Security Part2.mp4

01:03:06

42 - Cheatsheets For Splunk Commands & Terms

001 Commands and some online resources to explore further on your own.html

001 Splunk-Commands.pdf

001 splunk-quick-reference-guide.pdf

43 - Interview Questions-Answers For SOC Analyst

001 Interview Questions-Answers For SOC Analyst.html

44 - Some Sample SPL to detect various threats (Usecases)

001 SOC-SIEM-Usecases.pdf

001 Sample Splunk queries to be used as a reference.html

001 Some-SPL-examples-to-detect-threat.pdf

Description

Splunk For SOC Analysts, Threat Hunters & SOC Leads

What You'll Learn?

Specially crafted course for SOC Analysts / Leads and Threat Hunters (So that you don't waste your time in learning, un-necessary things )
How to use Splunk for Security Information and Event Management (SIEM) tasks
Setting up of small home lab with real-time data in it.
Learn important commands
Learn about how to create reports, alerts, dashboard and many more things required for SOC Analysts.

Who is this for?

If you want to up your game during investigation or threat hunting using Splunk,

If you want to be a Splunk admin, then this is foundation course for you.

if you feel that you could have done better and faster investigation than others, if you were good at Splunking.

Specially crafted course for SOC Analysts / Leads and Threat Hunters (So that you don't waste your time in learning, un-necessary things )

You will find this course worth it, even if you are already working on Splunk ES. You will definitely learn lot of new things. you will learn how to do the things in a better way.

What You Need to Know?

You need to have a experience in SOC at-least for four to five months. This is not for a fresher who is completely new to SOC.

This course is more about learning Splunk, so that you can leverage Splunk Knowledge as SOC professional (SOC Analysts/Leads or Threat Hunters)

More details

Description
This course is specially designed for SOCÂ analysts, Threat hunters and SOCÂ Leads, so that they can use Splunk in completing their BAUÂ tasks.
As a SOC analyst, learning Splunk is crucial to stay ahead in the constantly evolving cybersecurity landscape. Splunk is the industry-leading tool for collecting, analyzing, and visualizing data, and it is widely used by organizations of all sizes to manage their security operations.
By learning Splunk, you can efficiently monitor your organization's network and systems logs, detect anomalies, and investigate incidents in real-time. You can also create custom dashboards and reports to visualize data and identify trends, which can help you make informed decisions and take proactive measures to prevent future security threats.
Moreover, having Splunk expertise on your resume can significantly improve your job prospects and career growth opportunities. Many organizations require SOC analysts to have Splunk skills, and the demand for Splunk professionals is rapidly increasing. So, learning Splunk not only enhances your skills and capabilities but also opens up new doors of opportunities in the cybersecurity industry.
In summary, learning Splunk is a smart investment in your career as a SOC analyst, and it can help you stay competitive and advance your career in the rapidly growing cybersecurity field.
Who this course is for:
If you want to up your game during investigation or threat hunting using Splunk,
If you want to be a Splunk admin, then this is foundation course for you.
if you feel that you could have done better and faster investigation than others, if you were good at Splunking.
Specially crafted course for SOC Analysts / Leads and Threat Hunters (So that you don't waste your time in learning, un-necessary things )
You will find this course worth it, even if you are already working on Splunk ES. You will definitely learn lot of new things. you will learn how to do the things in a better way.

User Reviews

Rating

average 0

Total votes0

Focused display

Have more than 9 + years of experience in Cyber Security field.Have worked for multiple organizations to establish their Cyber Security Practice.Academics: Master in Information Security from Indian Institute Of Information technology.Cyber Security Expert. Lives in United Arab Emirates (Dubai). Loves to travel. Working on creation of vibrant Cyber Security community. For any support reach out to: [email protected]

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.