Getting to Know Splunk: The Hands-On Administration Guide

Name: Getting to Know Splunk: The Hands-On Administration Guide
Rating: 4.3 (762 reviews)

Learn how to be an IT superhero and go home early! This course will introduce you to Splunk administration in no time.

(762 ratings)

5,273 students

Created by Tom Kopchak

Last updated 6/2018

English

What you'll learn

Building a development Splunk environment from scratch on a Linux server
Onboarding data into Splunk
Understanding the importance of the Common Information Model (CIM)
Normalizing data using Splunk apps
Developing basic reports and dashboards using your new Splunk instance
Understanding why leaving systems exposed to the Internet is a bad idea

Requirements

No previous (administrator or user) Splunk experience is necessary. The purpose of this course is to begin at the fundamentals, so you can get started and advance your skills from there.
You will need a computer with a web browser and SSH client, as well as a Linux instance to use as your Splunk host. An Amazon Web Services (AWS) Ubuntu image will mirror the instructor examples in the lab activities - and I'll provide steps to duplicate my environment for you to use if you want.
Familiarity with Linux command line is a plus, though not a requirement. I’ll be walking you through the steps as we go.

Description

It's time for you to learn how to navigate Splunk and dominate big data!

Are your log files attempting to overthrow you? Have you heard of Splunk, but don't know how to wield it for the greater good of your data, or that of your enterprise? Have you used Splunk, but want to learn how to set it up and build it out properly? If so, this class is for you.

In this course, Tom will be teaching you how to get started with Splunk from the ground up. You'll learn the basics of Splunk terminology, along with how to use the Splunk web interface to find the data you're looking for. You'll build your own Splunk environment, add and normalize data to the Common Information Model (CIM), create dashboards, and find events in your data. Finally, you'll gain some more advanced searching techniques that will be particularly beneficial to those in network, security, and system administration roles.

This course is unique in that it does not require you to have a pre-existing Splunk environment - you'll actually be building and administering the Splunk system you will use to complete the lab activities.

Who this course is for:

Anyone looking to get started with Splunk administration.
If you have used Splunk for searching but have never brought in data or installed the software.
Individuals responsible for administering a Splunk environment but don't have much experience with running this software.

Tom Kopchak

Director of Technical Ops

4.3 Instructor Rating
762 Reviews
5,273 Students
1 Course

Tom Kopchak is the Director of Technical Operations at Hurricane Labs, where he pretends to manage a team of network and Splunk engineers, but is still an engineer and technology geek at heart. Tom is a Splunk Accredited Architect and Consultant, and has several years of experience building, designing, and managing Splunk deployments as well as managing teams of Splunk engineers. He holds a Master’s degree in Computing Security from the Rochester Institute of Technology, and has spoken at numerous infosec conferences around the country. You will often be able to find him researching digital forensics topics or tinkering with any and all forms of computer hardware. When he is not working with computers, Tom enjoys composing, music improvisation (Acts of Music), and playing both the piano and organ.