Splunk Enterprise Security Administrator

Training Pack#5

Splunk Enterprise Security Admin​

Learn more, for less..


Ingeniq Training Packs are a collections of courses that when purchased together qualify for discounts of up to 25%.

Training Packs apply to all Training Tracks and Certifications – in fact to any combination of courses purchased together from Ingeniq.

Buy Training Pack#5 and you’ll sit all the courses you need to be certified as a Splunk Enterprise Security Admin.

A Splunk Certified Enterprise Security Admin manages a Splunk Enterprise Security environment, including ES event processing and normalisation, deployment requirements, technology add-ons, settings, risk analysis settings, threat intelligence, protocol intelligence configuration and customisations.

Call our Training Consultants now on 1300 245 802 or email sales@ingeniq.com.au to have this training pack tailored to you or your teams requirements.

Training Pack Courses

This virtual 9 hour course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides fundamental knowledge of Splunk license manager, indexers and search heads.

 

It covers configuration, management and monitoring core Splunk Enterprise components.

This virtual 13.5 hour course is designed for system administrators who are responsible for getting data into Splunk Indexers.

This 13.5 hour course prepares architects and systems administrators to install, configure and manage Splunk Enterprise Security.

 

It covers ES event processing and normalization, deployment requirements, technology add-ons, settings, risk analysis settings, threat intelligence and protocol intelligence configuration, and customizations.

There are three ways to purchase a PearsonVUE registration voucher:

  1. Directly from PearsonVUE

  2. From Splunk (as an individual) 

  3. From Splunk (as an account)

Full instructions below.

Addon & Save!!

This course focuses on searching and reporting commands as well as on the creation of knowledge objects.


Major topics include using transforming commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalising data with the Common Interface Model (CIM).

This 2 day course is designed for power users who want to create fast and efficient views that include customized charts, drilldowns, advanced behaviors and visualizations.

 

Major topics include using tokens, global searches, event handlers, dynamic drilldowns and simple XML extensions for JavaScript and CSS.

This course runs over 4 days and focuses on additional search commands as well as advanced use of knowledge objects.

 

Major topics include advanced statistics and eval commands, advanced lookup topics, advanced alert actions, using regex and erex to extract fields, using spath to work with self-referencing data, creating nested macros and macros with event types, accelerating reports and data models.

This 13.5 hour Splunk course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts.

 

Students are coached step by step through complex searches to produce final results.

This 9 hour Splunk course focuses on large enterprise deployments. Students will learn steps and best practices for planning, data collection and sizing for a distributed deployment.

 

Workshop-style labs challenge students to make design decisions about an example enterprise deployment.

This 13.5 hour Splunk course focuses on more advanced search and reporting commands. Scenario-based examples and hands-on challenges enable users to create robust searches, reports, and charts.

 

Students are coached step by step through complex searches to produce final results.

Certifications Exam

When you’re ready to take a Splunk Certification exam, please view the Exam-Registration-Tutorial for registration assistance. As a reminder, each exam attempt costs US$125. Bulk registration vouchers can be purchased at a discounted price of five registrations for US$500.

 

How to register for your exam

There are three ways to purchase a PearsonVUE registration voucher:

1) Directly from PearsonVUE

This is the most streamlined approach. Follow the steps for account creation and exam registration provided at www.pearsonvue.com/splunk

Payment will be collected at the time of registration. You can also visit the Pearson VUE voucher store for direct purchase.

2) From Splunk (as an individual) 

Log into your existing account at Splunk.com/Education to purchase a registration code. Payment can be made via credit card or existing Splunk Education credits. Splunk will email you a unique registration code, which can be used for registration at www.pearsonvue.com/splunk . 

3) From Splunk (as an account)

Your Splunk Sales Rep can add certification exams to any deal. Once the number of vouchers has been requested, Splunk will email your unique registration codes, which can be used for registration at www.pearsonvue.com/splunk

All scheduled exams are subject to a minimum 24-hour cancellation and/or rescheduling policy. Failure to cancel or reschedule an exam within this timeframe results in forfeiture of registration fee.

One of the best trainers I've had - keeps content relevant & explains the tasks in easily understood language. Extremely knowledgeable in all fields relating to the content. Well paced & accommodated to everyone's questions & progress.

Participant, Splunk Enterprise Data Administration

Ingeniq-white-on-tx-registered-larger2.p

Copyright 2020/2021