Archive

What are the steps to fully enable ES in a company?

Motivator

We have ES installed and we managed to map a couple of our indexes to the proper data models (using the tags) which we accelerated and then the corresponding dashboards show data and it does look impressive ; -)

So, we started the process. Now I wonder what we need to do to fully enable ES here.

Tags (1)
0 Karma
1 Solution

SplunkTrust
SplunkTrust

I would recommend you begin with the ES training on using and administering it. ES is a platform application there is no simple list of steps.

https://www.splunk.com/en_us/training/courses/using-splunk-enterprise-security.html
https://www.splunk.com/en_us/training/courses/administering-splunk-enterprise-security.html

View solution in original post

SplunkTrust
SplunkTrust

I would recommend you begin with the ES training on using and administering it. ES is a platform application there is no simple list of steps.

https://www.splunk.com/en_us/training/courses/using-splunk-enterprise-security.html
https://www.splunk.com/en_us/training/courses/administering-splunk-enterprise-security.html

View solution in original post

Motivator

Thank you @starcher.

0 Karma

SplunkTrust
SplunkTrust

The docs on ES are also good. skimming them is helpful https://docs.splunk.com/Documentation/ES/5.3.0/Admin/Formatassetoridentitylist

Motivator

Thank you!!

0 Karma