Splunk Administration & Architecture
3.2 (21 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
349 students enrolled

Learn how to get Splunk to work in a real-world environment
Created by FTube d
Last updated 4/2020
English
Price: $19.99
30-Day Money-Back Guarantee
This course includes
  • 3 hours on-demand video
  • 3 downloadable resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What you'll learn
  • Install & Configure Splunk
  • Understand Splunk Components
  • Create the best design for Splunk
  • Syslog-ng installation and configuration
  • Use Splunk Deployment Server
  • Connect Splunk Search head with Indexer
  • Get data into Splunk from network and security devices via syslog
  • Get data into Splunk using the Universal Forwarder
  • Splunk Apps and Add-ons
  • Use some free Splunk Apps
  • Splunk Search Language
Requirements
  • Basic Linux, and Network concepts
Description

This course will help professionals implement Splunk Enterprise in their organization's environment. After finishing this course, students will know how to install Splunk and configure it for real-world use, and how to get data into Splunk using syslog-ng and the Universal Forwarder. We will also cover some free Splunk apps.

Who this course is for:
  • Information Security Admins
  • IT Administrators
  • Security Administrators
  • Network Engineers
  • SOC members
Course content
17 lectures 03:01:24
+ Module 01 Splunk Enterprise Architecture
6 lectures 32:54

Splunk Documentation

http://docs.splunk.com/Documentation/Splunk/7.1.0/Capacity/Referencehardware

Preview 05:23

Syslog-ng installation (commands prefixed with # are run as root):

#mkdir /var/log/syslog-ng
#yum install epel-release
#yum install syslog-ng.x86_64

To start our syslog-ng configuration, edit the main configuration file:

#vi /etc/syslog-ng/syslog-ng.conf

Check the configuration file for problems by running syslog-ng in the foreground, so any parse errors are printed to the terminal:

/usr/sbin/syslog-ng -F -p /var/run/syslogd.pid

Schedule a daily cleanup (05:00) that deletes .log files under /var/log/syslog-ng/ older than 7 days, so the syslog volume does not fill the disk:

crontab -e
0 5 * * * /bin/find /var/log/syslog-ng/ -type f -name \*.log -mtime +7 -exec rm {} \;
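The cron entry above deletes old syslog-ng files blindly. The script below is an added example, not part of the course material: it wraps the same find/-mtime logic in a function that takes the directory and retention period as arguments and supports a dry-run mode, so the retention policy can be reviewed before it is scheduled. The directory and file names used in the comments are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the course): prune syslog-ng log files older than N days.
# Same logic as the course's cron job (find ... -mtime +7 -exec rm), but with
# the directory and retention period as parameters and an optional dry-run mode.
#
# Usage:  prune_old_logs /var/log/syslog-ng 7 dry-run   # list what would be removed
#         prune_old_logs /var/log/syslog-ng 7           # actually remove them

prune_old_logs() {
    dir="$1"
    days="$2"
    mode="${3:-delete}"

    # Refuse to run against a missing directory rather than silently doing nothing.
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 1; }

    if [ "$mode" = "dry-run" ]; then
        # Print the candidate files only; nothing is deleted.
        find "$dir" -type f -name '*.log' -mtime "+$days" -print
    else
        # Delete only regular files matching *.log older than the retention period.
        find "$dir" -type f -name '*.log' -mtime "+$days" -exec rm -f {} \;
    fi
}

# Helper used to verify the result: number of *.log files remaining under a directory.
count_logs() {
    find "$1" -type f -name '*.log' | wc -l | tr -d ' '
}
```

Run the dry-run first from an interactive shell and compare its output against what you expect to keep; only then put the delete form into the crontab line. Note that the pattern is anchored on the `.log` suffix, so files syslog-ng writes with other names are never touched.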


Preview 06:03
+ Module 02 Get Data Into Splunk
7 lectures 01:39:08
01 Universal Forwarder Installation and Configuration
04:12
04 Install add-ons for windows
13:01
05 Install add-ons for AD and DNS
13:15
06 Install apps such as cisco, fortinet, windows, asa
08:47
07 Backup and SMTP configuration
03:32
+ Using Splunk 7
4 lectures 49:22
Prepare the lab by getting data into Splunk manually
13:38
Search and Reporting App
10:54
Using Fields
10:32
SPL
14:18