Splunk Enterprise Security Administrator
Splunk Training Pack#5
​
Splunk Enterprise Security Admin​
​
Learn more, for less..
Ingeniq Splunk Training Packs are a collections of courses that when purchased together qualify for discounts of up to 25%.
Splunk Training Packs apply to all Training Tracks and Certifications – in fact to any combination of courses purchased together from Ingeniq.
Buy Splunk Training Pack#5 and you’ll sit all the courses you need to be certified as a Splunk Enterprise Security Admin.
A Splunk Certified Enterprise Security Admin manages a Splunk Enterprise Security environment, including ES event processing and normalisation, deployment requirements, technology add-ons, settings, risk analysis settings, threat intelligence, protocol intelligence configuration and customisations.
Call our Training Consultants now on 1300 245 802 or email sales@ingeniq.com.au to have this training pack tailored to you or your team's requirements.
Splunk Training Pack Courses
This virtual 9 hour course is designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides fundamental knowledge of Splunk license manager, indexers and search heads.
It covers configuration, management and monitoring core Splunk Enterprise components.
This 13.5 hour course prepares architects and systems administrators to install, configure and manage Splunk Enterprise Security.
It covers ES event processing and normalization, deployment requirements, technology add-ons, settings, risk analysis settings, threat intelligence and protocol intelligence configuration, and customizations.
Addon & Save!!
This course focuses on searching and reporting commands as well as on the creation of knowledge objects.
Major topics include using transforming commands and visualizations, filtering and formatting results, correlating events, creating knowledge objects, using field aliases and calculated fields, creating tags and event types, using macros, creating workflow actions and data models, and normalising data with the Common Interface Model (CIM).
This course runs over 4 days and focuses on additional search commands as well as advanced use of knowledge objects.
Major topics include advanced statistics and eval commands, advanced lookup topics, advanced alert actions, using regex and erex to extract fields, using spath to work with self-referencing data, creating nested macros and macros with event types, accelerating reports and data models.
This 9 hour Splunk course focuses on large enterprise deployments. Students will learn steps and best practices for planning, data collection and sizing for a distributed deployment.
Workshop-style labs challenge students to make design decisions about an example enterprise deployment.
Splunk Certifications Exam
When you’re ready to take a Splunk Certification exam, please view the Exam-Registration-Tutorial for registration assistance. As a reminder, each exam attempt costs US$125. Bulk registration vouchers can be purchased at a discounted price of five registrations for US$500.
How to register for your exam
​
There are three ways to purchase a PearsonVUE registration voucher:
​
1) Directly from PearsonVUE
This is the most streamlined approach. Follow the steps for account creation and exam registration provided at www.pearsonvue.com/splunk
Payment will be collected at the time of registration. You can also visit the Pearson VUE voucher store for direct purchase.
​
2) From Splunk (as an individual)
Log into your existing account at Splunk.com/Education to purchase a registration code. Payment can be made via credit card or existing Splunk Education credits. Splunk will email you a unique registration code, which can be used for registration at www.pearsonvue.com/splunk .
3) From Splunk (as an account)
Your Splunk Sales Rep can add certification exams to any deal. Once the number of vouchers has been requested, Splunk will email your unique registration codes, which can be used for registration at www.pearsonvue.com/splunk
​
All scheduled exams are subject to a minimum 24-hour cancellation and/or rescheduling policy. Failure to cancel or reschedule an exam within this timeframe results in forfeiture of registration fee.