Learning Splunk: Useful techniques to help you grasp operational intelligence basics with Splunk

English | MP4 | AVC 1920×1080 | AAC 48KHz 2ch | 4h 07m | 823 MB

Build a Splunk instance and learn the concepts and terminology you need to produce insightful reports and dashboards from your data

Maybe you’ve heard about Splunk, but don’t know how to use it to take control of big data? Have you used Splunk, but want to learn how to set it up and use it properly? If so, this course is for you.

In this course, you will work with Splunk from the ground up. You’ll learn the basics of Splunk terminology, and how to use the Splunk web interface to find data. You’ll also build your own Splunk environment, add data to the Common Information Model (CIM), create dashboards, and find events within data. Finally, you’ll master advanced searching techniques that are especially useful to those in network, security, and system administration roles.

The course also covers the latest additions brought in for Splunk 8 and helps you quickly perform an upgrade. By the end of the course, you will be confident about using Splunk and will be well on the road to becoming a proficient Splunk architect and administrator as quickly as possible!

Learn

  • Build your own Splunk development environment from scratch on a Linux server—and use it!
  • Onboard and index multiple types of data into your Splunk instance
  • Understand the importance of the Splunk Common Information Model (CIM), and why data models make Splunk a powerful tool for managing logs at volume
  • Normalize data using Splunk apps
  • Develop basic reports and dashboards using your new Splunk instance and the data from your Linux system
  • Understand why leaving systems exposed to the internet is a bad idea

Table of Contents

Introduction to Splunk
1 Course Overview
2 What Is Splunk
3 What Are Logs and Why They Matter
4 Setting Up an AWS Environment
5 Splunk Installation

Splunk Terminology
6 Splunk – Splexicon
7 What Data Looks Like in Splunk – Events
8 Getting Data Out of Splunk – Search
9 Saved Searches – Report
10 Visualizing Data – Dashboard
11 Splunk’s Search Language – Search Processing Language
12 What Type of Data Do We Have – Sourcetype
13 How is Data Stored – Index
14 Making Data Useful with Knowledge Objects and Fields
15 Enriching Data – Lookup Table

Data Onboarding
16 How to Approach Data Onboarding
17 Hands-On Lab – Onboarding Linux Authentication Logs
18 Field Extractions Using Splunk Apps
19 What If There Is Not an App Available
20 Splunk Configuration Files

Splunk Deployment Components
21 Core Splunk Infrastructure – Indexes and Search Heads
22 Supporting Infrastructure – Forwarders
23 Supporting Infrastructure – Syslog Receiver
24 Supporting Infrastructure – Deployment Server
25 Splunk Licensing – How It Works and How to Investigate Your License Utilization
26 Splunk Clustering – Building Splunk for Fault Tolerance
27 Distributed Splunk Environments
28 Splunk Apps – The Building Blocks of Any Splunk Deployment

Data Normalization and Data Models
29 Onboarding Iptables Logs
30 Normalizing Data Using the Splunk Common Information Model (CIM)
31 Applying the Common Information Model to Your Firewall Logs

Using Your Splunk Environment
32 Overview of Splunk UI
33 Using Fields
34 Hands-on Lab – Working with the Splunk UI
35 Splunk Search Modes
36 Hands-On Lab – Splunk Search Modes
37 The Search Pipeline
38 Hands-On Lab – Search Pipeline

Visualizing Data
39 Reporting Log Data – Tables
40 Hands-On Lab – Tables – Displaying Search Results
41 Advanced Searching Concepts – Chart – Graphing Search Results
42 Advanced Searching Concepts – Timechart – Results Over Time
43 Advanced Searching Concepts – Geostats and IP Location
44 Advanced Searching Concepts – Eval – Manipulating and Reformatting Data
45 Advanced Searching Concepts – Rename – Making Table Headers More Accessible
46 Advanced Searching Concepts – Relative Time Syntax
47 Advanced Searching Concepts – Search Performance – Gotchas to Avoid
48 Advanced Searching Concepts – Time to Experiment – Expanding Your Splunk Knowledge
49 Creating Splunk Dashboards
50 Hands-On Lab – Dashboards

Upgrading Splunk
51 Splunk Release Cycles
52 What’s New in Splunk 8.0
53 Planning for an Upgrade
54 Backing up Your Splunk Instance
55 Performing a Splunk Upgrade
56 Hands-on Lab – Upgrading Your Lab System