The course provides the skills and knowledge for Splunk Cloud administrators to collect and ingest data Cloud - Course Topics Splunk Cloud SaaS User Authentication and Authorisation Index Management and Data data retention and archiving Monitor indexing activities Module 4 – Cloud Ingestion – Using forwarders and removing data prior to ingestion Dirty data and performance gains Module 9 – Cloud Support and Troubleshooting Troubleshooting Splunk deployments Collecting data and use diagnostics or monitoring to investigate

Major topics include planning apps, building data generators, adding data, custom search commands and Description Planning Apps Creating Apps Adding Data Enhancing Apps Using the REST API Packaging Apps environment Improve app performance Identify Splunk log files Use security best practices Create a data an app Configure app properties Create app navigation Add app icons and logos Module 3 – Adding Data List types of data inputs Identify ways to add data Explain modular vs scripted inputs Understand data

Additionally, our course covers how Splunk allows you to have complete control over your data and costs you need—maximising both data control and cost efficiency. This advanced data observability tool empowers enterprises to gain deep insights into their systems, AI-Powered Intelligence: Utilises machine learning to automate data processing, detect anomalies, and Participant, Splunk Enterprise Data Administration

users who want to use commands to manipulate output and normalise data. specific commands for manipulating fields and field values, modifying result sets, and managing missing data learn how to use specific eval command functions to normalise fields and field values across multiple data Convert a flat table into a 2-D table with thexyseries command Topic 2 – Modifying Result Sets Append data streamstats command Modify values to segregate events with the bin command Topic 3 - Managing Missing Data

who want to become experts on searching and manipulating multivalue data. using multivalue eval functions and multivalue commands to create, evaluate, and analyze multivalue data Understand multivalue fields Define self-describing data Understand how JSON data is handled in Splunk Use the spath command to interpret self-describing data Use mvzip and mvexpand commands to manipulate mvindex, and mvfilter eval functions to evaluate multivalue fields Topic 4 – Manipulating Multivalue Data

Participant, Splunk Enterprise Data Administration Developing SOAR (Phantom) Playbooks - Course Topics Use the visual playbook editor Use actions and decisions Process action results Test new playbooks Module 4 – Accessing and Formatting Data Accessing action results Accessing artifact and container data Formatting data Module 5 – Modular Playbook Development Calling other playbooks Creating artifacts Sending email Passing data between playbooks Module 6 – Custom Lists and Filters Custom list concepts Create custom

Read More Splunk Enterprise Data Administration This course prepares system administrators to configure Topics include installation, configuring data inputs and forwarders, data management, user accounts, Anyone involved in the design and deployment of Splunk will learn steps and best practices for planning, data Splunk Cloud Administration This course is designed to prepare administrators to manage users and get data Participant, Splunk Enterprise Data Administration

Review of SOAR UI and concepts Describe interactions between Splunk and SOAR Identify key concepts and data using and managing custom functions Using the SOAR API in custom code Store and retrieve persistent data Module 6 – Using SOAR REST Use Django queries to search for data in SOAR Use REST to access SOAR data with Python programming Administering Splunk SOAR Developing Splunk SOAR Playbooks Enterprise Splunk Data Dates and times displayed for each course are relative to Australian Eastern Time (AET).

3 Advanced Dashboards and Visualisations Splunk Enterprise System Administration Splunk Enterprise Data Participant, Splunk Enterprise Data Administration

Participant, Splunk Enterprise Data Administration Advanced Searching and Reporting - Course Topics Using Search Efficiently More Search Tuning Manipulating and Filtering Data Working with Multivalue Fields Previous attendees have included Consultants, IT Administrators, Data Scientists, Security and Risk Professionals 3 - Manipulating and Filtering Data Divide search results into different groups, based on values in 4 - Working with Multivalue Fields Use multivalue eval functions to analyze and format data Use the

The last topic will introduce how fields from other data sources can be used to enrich search results Final module collaborative lab walkthrough on screen was particularly helpful. is Field Discovery Using Fields in Searches Comparing Temporary versus Persistent Fields Enriching Data fields with the eval command Extract temporary fields with the erex and rex commands Topic 5 - Enriching Data Understand how fields from lookups, calculated fields, field aliases, and field extractions enrich data

Splunk Fundamentals 1 Splunk Fundamentals 2 Splunk Enterprise System Administration Splunk Enterprise Data Participant, Splunk Enterprise Data Administration