Splunk for Security Analysts

سرفصل های دوره

0-Course intro

Course Introduction.pdf

[SPLUNK] 0.1 - Course Welcome

[SPLUNK] 0.2 - The Power of Splunk

1-LabPrepartion

Files.zip

[SPLUNK] 1.1 - Lab Configuration Overview

[SPLUNK] 1.2 - Installing Splunk on Linux

[SPLUNK] 1.3 - Installing the Splunk Universal Forwarder on Windows

[SPLUNK] 1.4 - Installing the Splunk Universal Forwarder on Linux

2-Splunk overview and Data Pipeline

Files.zip

[SPLUNK] 2.1 - Components of a Splunk Environment

[SPLUNK] 2.2 - How Data Travels Through Splunk

[SPLUNK] 2.3 - Introduction to Indexes

[SPLUNK] 2.4 - A First Overview of the Splunk GUI

[SPLUNK] 2.5 - Enable a Receiver for Splunk Enterprise

[SPLUNK] 2.6 - Understanding Configuration Files

[SPLUNK] 2.7 - Understanding Apps

[SPLUNK] 2.8 - Shipping Windows Event Logs to Splunk

3-TroubleshootingSplunk

Files.zip

[SPLUNK] 3.1 - Troubleshooting - Changes Not Taking Effect

[SPLUNK] 3.2 - Troubleshooting - Inputs are Not Showing Up in Index

[SPLUNK] 3.3 - Applying Changes without Restarting Splunk

4-Data Onboarding

Files.zip

[SPLUNK] 4.1 - Creating a Text Index - Solution

[SPLUNK] 4.2 - Onboarding Exported Windows Event Logs

[SPLUNK] 4.3 - Onboarding Windows Registry Data

[SPLUNK] 4.4 -Onboarding Linux Logs

[SPLUNK] 4.5 - Onboarding Apache Web Server Logs

[SPLUNK] 4.6 - Onboarding CSV Files

[SPLUNK] 4.7 - Onboarding Custom Data Sources

[SPLUNK] 4.7 - Onboarding Custom Data Sources 2

[SPLUNK] 4.8 - Extracting Fields Using EXTRACT

[SPLUNK] 4.9 - Extracting Fields Using REPORT

5-Find explore data

Files.zip

[SPLUNK] 5.1 - Onboarding the BOTSv2 Data Set into Your Lab

[SPLUNK] 5.2 - Search Components

[SPLUNK] 5.3 - Search Modes

[SPLUNK] 5.4 - Search

[SPLUNK] 5.5 - Time

[SPLUNK] 5.6 - Fields, Table, and Sort

[SPLUNK] 5.7 - Top and Rare

[SPLUNK] 5.8 - Eval

[SPLUNK] 5.9 - Where

[SPLUNK] 5.10 - Rex

[SPLUNK] 5.11 - The Power of the Stats Command

[SPLUNK] 5.12 - Eventstats 2

[SPLUNK] 5.13 - Streamstats

[SPLUNK] 5.14 - Chart and Timechart

[SPLUNK] 5.15 - Joining Datasets Efficiently

[SPLUNK] 5.16 - More Searching Tips

[SPLUNK] 5.17 - Building Reusable Search Elements Using Macros

6-Enrichment and advanced filtering

Files.zip

[SPLUNK] 6.1 - Enriching Data with Lookups

[SPLUNK] 6.2 - File-Based Lookups

[SPLUNK] 6.3 - Using the Splunk App for Lookup File Editing

[SPLUNK] 6.4 - Key Value Store-Based Lookups

[SPLUNK] 6.5 - External Lookups

[SPLUNK] 6.6 - Automatic Lookups

[SPLUNK] 6.7 - Advanced Lookup Options

[SPLUNK] 6.8 - Subsearches

7-Sharing, Scheduling and Alerting

Files.zip

[SPLUNK] 7.1 - Sharing the Results of a Search

[SPLUNK] 7.2 - Creating and Sharing Reports

[SPLUNK] 7.3 - Scheduling Reports

[SPLUNK] 7.4 - Accelerate Reports

[SPLUNK] 7.5 - Creating Alerts

[SPLUNK] 7.6 - Configuration Using savedsearchesconf

8-Visualizations and Dashboards

Files.zip

[SPLUNK] 8.1 - Exploring Visualizations

[SPLUNK] 8.2 - Building a Static Dashboard

[SPLUNK] 8.3 - Adding a Shared Time Range Picker

[SPLUNK] 8.4 - Building a Dynamic Form Using Tokens

[SPLUNK] 8.5 - Using a Basesearch to Improve Loading Times - Part 1

[SPLUNK] 8.6 - Using a Basesearch to Improve Loading Times - Part 2

[SPLUNK] 8.7 - Configuring Drilldowns

[SPLUNK] 8.8 - Using Conditions in Drilldowns

[SPLUNK] 8.9 - Customizing Navigation

[SPLUNK] 8.10 - Exploring Dashboard Studio

9-Data Models

Files.zip

[SPLUNK] 9.1 - Understanding Data Models

[SPLUNK] 9.2 - Searching with Data Models

10-Using Search to Find Suspicious Events

Files.zip

[SPLUNK] 10.1 - Finding HTTP Connections to Servers by IP

[SPLUNK] 10.2 - Searching Two Data Sources for a Common Indicator

[SPLUNK] 10.3 - Finding Traces of Look-A-Like Domains

[SPLUNK] 10.4 - Using Geolocation to Find Anomalous Connections

[SPLUNK] 10.5 - First Time Logins for Users on a Machine

[SPLUNK] 10.6 - Identifying Password Guessing Attempts with Failed and Successful Logins

[SPLUNK] 10.7 - Identifying High Network Bandwidth Consumption from a Baseline

11-Coursewrapup

[SPLUNK] 99.1 - Going Furtther

[SPLUNK] 99.2 - Course Wrap-Up

179,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy