
Splunk Enterprise

rimsassi
Explorer

I'm discovering Splunk Enterprise to build an application to perform correlations and detect incidents that affect web applications and endpoints.

Can you please guide me on the steps I should take?

What are your recommendations?


scelikok
SplunkTrust

dauren_akilbeko
Communicator

I would recommend first passing Splunk Fundamentals 1, which is free. Then check Splunk Lantern and the Splunk Developer Program.

rimsassi
Explorer

I already passed Splunk Fundamentals 1. I'll check the others, thanks.


scelikok
SplunkTrust

rimsassi
Explorer

Okay! Thank you


richgalloway
SplunkTrust

It sounds like you want us to tell you how to build every security dashboard that was ever created.  Or perhaps you want the equivalent of Splunk Enterprise Security.  Either way, the question is far too broad.  If you have trouble with Splunk and have specific questions, then please post them.

In the meantime, here are some steps:

  1. Take the free Splunk Fundamentals 1 class at splunk.com
  2. Get your data into Splunk. See https://docs.splunk.com/Documentation/Splunk/8.1.2/Data/Getstartedwithgettingdatain
  3. Search for the onboarded data. The free class above will tell you how.
  4. When you have a search that does something useful or produces a helpful KPI, save it to a dashboard. Click the Save As link in the search window to do that.
---
If this reply helps you, an upvote would be appreciated.

rimsassi
Explorer

I'm new to Splunk and I'm trying to find my way around, but there's just too much documentation, so I needed some guidelines to start. Thanks for your help.
