Course Overview
The SOC Administrator learning path modules teach security admins to install, configure, and manage Enterprise Security on Splunk Enterprise.
Please Note: This is a Learning Path and NOT a course. It's a discounted offering including all the modules required for this path. The number of actual teaching days is shown as part of the price information but the modules included in the path are usually delivered over a period of 5 weeks as indicated in the schedule. Please contact us if you want to know the exact teaching date and time of all the modules included in the path. The schedule just shows the correct start and end date.
Assessment methods:
- Pre-training knowledge check quiz (if applicable)
- Formative assessments during the training, through hands-on exercises completed in the labs at the end of each module, multiple-choice quizzes, practical scenarios…
- Completion by each participant of a questionnaire and/or placement questionnaire before and at the end of the training, to validate the acquisition of skills
Prerequisites
To be successful, students should have a solid understanding of the following:
- How Splunk works
- Creating search queries
To prepare for any Splunk Role-Based Learning Path, students should complete these free introductory e-learning modules:
- Intro to Splunk (ITS)
- Using Fields (Free) (SUFF) OR Using Fields (SUF) (fee required; includes hands-on labs)
And before starting the SOC Administrator (Enterprise Security) On-Prem Learning Path, students should complete these free e-learning modules:
Course Content
The SOC Administrator (Enterprise Security) On-Prem Learning Path includes the following modules:
- Leveraging Lookups and Subsearches (LLS)
- Search Under the Hood (SUH) (e-learning)
- Intro to Knowledge Objects (IKO) (e-learning)
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Introduction to Dashboards (ITD)
- Dynamic Dashboards (SDD)
- Splunk Enterprise System Administration (SESA)
- Splunk Enterprise Data Administration (SEDA)
- Administering Splunk Enterprise Security (ASES)
Teaching methods: