#Random
This is a place to discuss all things outside of Splunk, its products, and its use cases.

Need Project Ideas - New Splunker

sszulu505
Engager

Hello Community,

I am a new Splunker and would love to do my term project for a security course using Splunk. I am having trouble coming up with ideas to propose to my professor - mainly due to the fact that I have no idea where I can get data to input into Splunk for analysis. I was hoping someone could recommend a novice level project idea that has data readily available and easy to ingest. I hope this isn't asking too much!

Thank you in advance!

0 Karma

AndySplunks
Communicator

If you have a lab network, see if you can get flow data from some network devices. Network engineers can typically set that stuff up to be forwarded to your Splunk environment.

0 Karma

esix_splunk
Splunk Employee

Additionally, you can find a large number of datasets out there for analysis.

Here are a few:
http://aws.amazon.com/datasets/
https://www.quandl.com/
http://www.networkrepository.com/

You can look through these and perhaps get some ideas.

0 Karma

ChrisG
Splunk Employee

Here is another walk-through that uses the tutorial data, with a bit of a security focus:

http://docs.splunk.com/Documentation/Splunk/6.3.2/Scenarios/Goals

And here are some public PCAP data sets for security exercises: http://www.netresec.com/?page=PcapFiles

If you go that route, get the PCAP Analyzer for Splunk. You can also read the Indexing PCAP header data in Splunk blog post and take a look at this security analytics white paper.

sszulu505
Engager

This is awesome - thank you so much for the responses guys (especially ChrisG!)!

My professor has asked us to re-scope the project to cover the bread-and-butter of what Splunk is used for and cover the top 3-5 features of the tool.

So, given I am fresh on the scene to Splunk - what do you guys think Splunk's "bread-and-butter" is (and the best way to demonstrate that) and your opinion of the top 3-5 features (especially if they're unique to Splunk)? Security focus would be great - but after I met with the professor, it sounded like he wanted a more holistic overview of Splunk.

Thank you everyone!

0 Karma

ChrisG
Splunk Employee

The tutorials will still give you the best hands-on view of the main product capabilities. There is a brief technical summary of the core capabilities in the Splunk Enterprise Overview. To read about the main features and their value, see the Splunk Enterprise product page on splunk.com, and read through the Splunk and Operational Intelligence solution guide (linked from the product page).

ChrisG
Splunk Employee

PS feel free to upvote and/or accept answers that are useful to you!

0 Karma

jplumsdaine22
Influencer

Welcome to Splunk!

First of all, definitely do the tutorial: http://docs.splunk.com/Documentation/Splunk/latest/SearchTutorial/WelcometotheSearchTutorial

There are lots of data sets available online for free; it depends on what the focus is of your course. For a start, and especially since the tutorial is already focused on them, try and google around for some large Apache web log sets, then create some analytics dashboards using that data.

Have fun!

0 Karma