All Topics

Learn Splunk

Hi, I have 12 years of experience in IT with Microsoft Technologies - MS SQL Server, MSBI, Power BI. Now I am planning to improve my technical skill set with Splunk. So please suggest... 1. Do I need to know any other technologies to learn Splunk 2. Admin & Developer growth in Splunk 3. Suggest certifications as per my previous experience. Regards, Venal.
November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s edition of indexEducation, the newsletter that takes an untraditional twist on what’s new with Splunk Education. We hope the updates about our courses, certification program, and self-paced training will feed your obsession to learn, grow, and advance your careers. Let’s get started with an index for maximum performance readability: Training You Gotta Take | Things You Needa Know | Places You’ll Wanna Go  Training You Gotta Take SOC Essentials  | It’ll knock your socks off Crew, ankle, no-show, athletic, and compression. These are all sock essentials for your feet. But, now Splunk offers SOC Essentials: Investigating and Threat Hunting – a course for your brain. Part of the Blue Team Academy, this instructor-led training is designed to tackle the industry skills gap head-on. You’ll learn how to conduct investigations using Splunk Enterprise Security, master Risk-Based Alerting, and practice key tasks with Splunk SOAR. Plus, you’ll work with the PEAK Threat Hunting framework and put your knowledge to the test with a hypothesis-driven threat-hunting exercise.  Gotta get to class |  SOC(k)-wearing optional Training on the ‘tube | Enterprise Security 8.0  Ready to transform your SOC workflow skills? Pop over to the Splunk Education How-To YouTube channel and press play for training on Splunk Enterprise Security 8.0. This latest release revolutionizes threat detection, investigation, and response (TDIR) with features like seamless case management and integrated automation through Splunk SOAR. You’ll learn all about Splunk Mission Control, new detection types, detection versioning, and enhanced case management updates. Alex is waiting to walk you through the latest, so don’t leave her hanging.  
Gotta learn on YouTube | The new release of Enterprise Security Things You Needa Know There’s an app for that | Start with Lantern Account takeovers, wire fraud, credit card fraud, oh my! It’s scary out there for Financial Services companies, which is why you’ve got Splunk. But because there are so many places for the bad guys to lurk, we’ve got guidance for using Splunk for dozens of use cases – starting with our updated Use Case Explorer specifically for Financial Services. The Use Case Explorer is a great tool to help you implement new use cases using either Splunk Enterprise or Splunk Cloud Platform, plus there’s also a new deployment guide for using the Splunk App for Fraud Analytics. Lantern is forcing the bad guys out of the dark – one guide at a time!    Needa know the use cases | Read on Lantern The case for academics | Splunk training in universities Ever wonder where the next generation of cybersecurity professionals is coming from? Well, wonder no more. Thanks to the Splunk Academic Alliance Program, we’re training tomorrow’s talent at universities like the University of Nevada, Las Vegas, and Louisiana State University. With classroom curriculum at the foundation, these students are getting hands-on experience in real-world security operations – and on Security Operations Center (SOC) teams. It’s a win-win: students get the skills they need, and organizations can then use this trained-up talent in their own SOCs.  Needa know about the future | We’ve got two case studies Places You’ll Wanna Go Splunk Education Goes to Washington | Splunk GovSummit 2024 Join us for monumental moments in the nation’s capital on December 11, 2024. Splunk GovSummit in Washington, D.C. is a one-day event packed with learning, insights, and innovation. 
We bring together public sector leaders and tech experts to explore the latest in observability, cybersecurity, AI adoption, and digital resilience, plus two instructor-led courses— SOC Essentials: Investigating and Threat Hunting and Exploring and Analyzing Data. From the U.S. Capitol to the Washington Monument, Splunk Education is in the House. (Well, not literally.)  Go to Washington | Register for our two in-person courses  To the classroom | Training tales and testimonials School is always in session with Splunk Education. If you’re curious about what the experience looks like, then check out Splunk Classroom Chronicles. This new series introduces you to our top-notch instructors and course developers, and highlights stories and feedback from our learners. With today’s fast-paced work environment, continuous professional development is key, and Splunk Education offers engaging, interactive training to keep you one step ahead of the bad guys. From hands-on labs to expert-led sessions, grab a virtual seat and put those thinking caps on. Go to the head of the class | Read the tales Find Your Way | Learning Bits and Breadcrumbs Go Chat | Join our Community User Group Slack Channel Go Stream It  | The Latest Course Releases (Some with Non-English Captions!) Go Last Minute | Seats Still Available for ILT Go to Lantern | For Financial Services Use Cases Go to STEP | Get Upskilled Go Discuss Stuff | Join the Community Go Social | LinkedIn for News Go Index It | Subscribe to our Newsletter   Thanks for sharing a few minutes of your day with us – whether you’re looking to grow your mind, career, or spirit, you can bet your sweet SaaS, we got you. If you think of anything else we may have missed, please reach out to us at indexEducation@splunk.com.    Answer to Index This: 200
Hello, I am new to Splunk. From where I need to start learning from zero to hero basis? I need to go till advanced knowledge. Gone through documentation but it is not systematic.  Please suggest some good documentation or systematic videos.
How to Redirect Smart Agent Temporary Files to Avoid /tmp Space Limitations on Linux

Installing any APM or Machine agent with Smart Agent on your Linux box will use the /tmp directory to copy agent binaries before moving them to the intended directory.

The problem

You can get an error like the ones below:

    error message = Error extracting Machine Agent in staging: reading file in zip archive: /tmp/.staging/machine-agent/jre/lib/modules: writing file: write /tmp/.staging/machine-agent/jre/lib/modules: no space left on device

    Error creating Machine Agent service: error installing service: error moving service file to destination: rename /tmp/.staging/appdynamics-machine-agent.service /etc/systemd/system/appdynamics-machine-agent.service: invalid cross-device link

These errors are caused by too little space in the /tmp folder or by the /tmp directory being mounted on an external device.

How to fix it

You need to have Smart Agent use any other directory on our host than /tmp. To do this, go to <Smart-Agent-Home-Directory>. In my case the directory is /opt/appdynamics/appdsmartagent.

Commands in order:

    cd /opt/appdynamics/appdsmartagent
    ./smartagentctl stop
    export TMPDIR=/opt/appdynamics
    ./smartagentctl start

Now in your logs, you will see:

    {"severityText":"INFO","timestamp":"2024-10-04T16:30:29.692Z","name":"native","caller":"machine/task_helper.go:48","body":"downloaded file to ","downloaded file":"/opt/appdynamics/.staging/download/machineagent-bundle-64bit-linux-24.9.0.4408.zip"}
    {"severityText":"INFO","timestamp":"2024-10-04T16:30:29.692Z","name":"native","caller":"machine/task_helper.go:161","body":"Extracting zip","package.name":"8a5e85401b3a01ac5dadd6394c235dbf032ffa04;MACHINE_AGENT","src path":"/opt/appdynamics/.staging/download/machineagent-bundle-64bit-linux-24.9.0.4408.zip","dest path":"/opt/appdynamics/.staging/machine-agent"}

This means Smart Agent is now copying everything in the /opt/appdynamics directory.
At Splunk Education, we are committed to providing a robust learning experience for all users, regardless of skill level or learning preference. Whether you’re just starting your journey with Splunk or sharpening advanced skills, our broad range of educational resources ensures you’re prepared for every step.    Our Portfolio We offer Free eLearning to kickstart your learning, eLearning with Labs for hands-on practice, Instructor-led courses for interactive, expert guidance, and Splunk Certifications to validate your expertise. For quick tips and insights, explore our Splunk YouTube How-Tos and Splunk Lantern, where you'll find up-to-date guidance and best practices that reflect the latest in Splunk's capabilities. New Courses Available Every month, we release new courses designed to empower learners with the tools and knowledge they need to stay ahead in the evolving tech landscape. Whether you prefer self-paced eLearning or the structure of live instruction, there’s a course to fit your style. This month, we are excited to announce a new instructor-led course, a new eLearning with Labs course, and three free eLearning courses to help you advance your Splunk skills:   SOC Essentials: Investigating and Threat Hunting – Instructor-led course (Enroll) SOC Essentials: Investigating with Splunk – eLearning with labs (Enroll) Creating Classic Dashboards – Free eLearning (Enroll)  SOC Essentials: Investigating with Splunk – Free eLearning (Enroll)  Administering Splunk Observability Cloud – Free eLearning (Enroll)  These courses provide targeted insights into security operations and observability, essential for anyone looking to enhance their data-driven capabilities. Explore them today to stay ahead in your field! All courses are available through the Splunk Course Catalog, accessible via our banner or directly on our platform. 
Expanding Global Learning Access  As part of our commitment to accessibility and inclusion, we continue to translate eLearning courses into multiple languages and add non-English captions. This effort ensures that learners worldwide can grow their Splunk expertise in their preferred language, supporting our vision of an inclusive educational ecosystem. Each month presents new opportunities to expand your knowledge, boost your career, and enhance your contributions to enterprise resilience. Stay updated with the latest courses and continue your journey toward Splunk mastery – your next big career move could be just a course away. See you next month!  - Callie Skokos on behalf of the Splunk Education Crew
Why do I need to collect the debug-level log file?

The Java agent by default logs the entries at the info level. Sometimes, the debug-level log files are necessary to investigate an experienced issue. Debug-level logging produces more insightful entries that can later be used to identify the root cause of the experienced issue.

There are two ways you can collect the agent log files at the desired logging level:

- From the AppDynamics controller UI.
- From the server where the agent was installed.

Collect the Java agent log files from the AppDynamics controller UI

1. Log into the controller UI.
2. Select the problematic app.
3. Open the 'Tiers & Nodes' dashboard.
4. Select the problematic node.
5. Select the 'Agents' tab.
6. Scroll down to the 'Agent Operations' section and click on the 'Request Agent Log Files' button.
7. Set the logging level properties.
   - Logger Name: com.singularity
   - Logger Level: Debug
   - Duration (minutes): at least 5
8. Click on the 'Request Agent Log Files' button to start the log files collection.

If it is a test environment, please make sure to generate the load on the app during the log file collection.

Collect the Java agent log files from the server where the agent was installed

1. (optional) Delete the '/<java-agent-home>/<version>/logs/<node-name>/' directory.
2. Edit the '/<java-agent-home>/<version>/conf/logging/log4j2.xml' file. Change the logging level as in the example below.

    <!-- to control the logging level of the agent log files, use the level attribute below. value="all|trace|debug|info|warn|error"-->
    <AsyncLogger name="com.singularity" level="debug" additivity="false">
        <AppenderRef ref="Default"/>
        <AppenderRef ref="RESTAppender"/>
    </AsyncLogger>

3. Apply the load on the app (if it is a test environment) for at least 5 minutes.
4. Zip the '/<java-agent-home>/<version>/logs/<node-name>/' directory.
5. Revert the change.

I hope this article was helpful. Feel free to ask in case of any questions.
Splunk enterprise certification tutorials and process.
Welcome to the "Splunk Classroom Chronicles" series, created to help curious, career-minded learners get acquainted with Splunk Education and our instructor-led classes – and hear what other students are saying about their learning experiences.  In today's dynamic workplace, ongoing professional development is more important than ever, and Splunk is at the forefront of facilitating this growth through comprehensive, interactive online training sessions. Our courses are designed not only to enhance technical skills but also to enrich the overall learning experience. From engaging instructors to hands-on labs, each class is tailored to ensure that participants gain practical knowledge and real-world expertise. Let’s Kick it Off  Join us for Part 1 of our series as we explore the tales and testimonials from those who've experienced Splunk Education instructor-led training first-hand. You’ll meet our course instructors and developers – those who are dedicated to making your learning experience interesting, engaging, and valuable. Our Splunk course developers work to develop the quality curriculum and lab experiences, which is then handed off to our instructors. The end result, we hope, is happy learners with constructive feedback to share about our instructor-led courses. Splunk Enterprise Data Administration Course The 18-hour Splunk Enterprise Data Administration course is designed for administrators who are responsible for getting data into Splunk Indexers. The course provides the fundamental knowledge of Splunk forwarders and methods to get remote data into Splunk indexers. It covers installation, configuration, management, monitoring, and troubleshooting of Splunk forwarders and Splunk Deployment Server components. David Lowe is one of the course instructors and Kevin Stewart is the course developer.  
Here’s what one student had to say about David Lowe “I wanted to say how much I’ve enjoyed both of the Splunk Enterprise courses I’ve taken with you over the last few weeks. You kept it engaging which can’t be easy given the volume of topics you need to cover…I feel I’ve learned a lot that I can take back to our Splunk instance so definitely a win. I’d certainly recommend you as an instructor for any of my colleagues looking to take these courses.” Using Splunk Enterprise Security Course Using Splunk Enterprise Security is a 13.5-hour course designed to prepare security practitioners to use Splunk Enterprise Security (ES). In this instructor-led course, students identify and track incidents, analyze security risks, use predictive analytics, and discover threats. Lauri Harris is one of the course instructors and Nicole Bichon is the course developer.  Here’s what one student had to say about Lauri “I had Lauri as a trainer in the Splunk ES course. She was absolutely wonderful… so many of us were impressed with her knowledge. I was brand new to Splunk. The prerequisites were somewhat helpful in the intro of it, but Lauri was awesome at explaining so many other features of it. Even though I feel that so much information was covered in two days, she did an awesome job of touching on everything she could, answering questions and going through the features and labs. [I hope] we have the pleasure of learning more from her again.” Splunk Cloud Administration Course Splunk Cloud Administration course is an 18-hour instructor-led course for administrators new to Splunk Cloud and those wanting to become more experienced in managing Splunk Cloud instances. The course provides administrators with the opportunity to gain the skills, knowledge and best practices for data management and system configuration for data collection and ingestion required in a Splunk Cloud environment to create a productive Splunk SaaS deployment. 
The hands-on labs provide the opportunity to learn and ask questions on how to manage and maintain the platform, the users and how to effectively get data into Splunk Cloud. Modules include data inputs and forwarder configuration, data management, user accounts, and basic monitoring and problem isolation. Sue Rich is one of the course instructors and Tomer Gurantz and Rob Zylstra are  the course developers.  Here’s what one student had to say about Sue Rich “Thanks so much for the awesome job you did teaching us Splunk Cloud Administration and also Splunk Enterprise and forwarder management knowledge that we can apply to our on-premises footprint as well. You made this week of training fun and easily digestible and we certainly learned a great deal about the Splunk environment we're tasked with supporting from the customer side. Take care and hope we all get to roll with you again in the future.”   Resources and Reminders If we’ve piqued your interest in the value of Splunk Education and you’d like to increase your Splunk knowledge or get started on your journey, here are some useful resources: Course Registration: Ready to take the next step? Register for these or any of our courses here.  Splunk Education: Visit the official Splunk Education website to explore more courses and certification details. Splunk Lantern: Get field-tested guidance on use cases and best practices using Splunk Lantern. Community Insights: Join the Splunk Community to connect with other users and get insights into best practices and troubleshooting. Splunk Certification: Validate your Splunk proficiency with any of our Splunk Certifications. Whether you're a new administrator or a seasoned Splunk veteran, our courses are designed to empower you with the knowledge and skills needed to excel in your role. Stay curious, keep learning, and we look forward to seeing you in one of our upcoming classes!
I've tried to register for the SplunkWork+ training for veterans and after I verify with ID.me, I receive a message saying that my account is being configured, but then receive a "504 Gateway Timeout". Any ideas?   Thanks!
The University of Nevada, Las Vegas (UNLV) is another premier research institution helping to shape the next generation of cybersecurity professionals through its student-powered SOC program. And, the Splunk Academic Alliance program is a cornerstone for fostering that talent. Through this program, UNLV students, faculty, and IT staff receive no-cost access to Splunk training and certifications, crucial for growing talent today that benefits society tomorrow. The program equips them with a renewable one-year, 10GB license for Splunk software, alongside access to eLearning resources and additional benefits, ensuring equitable access to tools for solving global challenges.   Our latest case study about Splunk and UNLV highlights the hands-on application of this initiative. Not only does the university use Splunk Enterprise Security in its SOC, but the SOC is now student-powered. Jason Griffin, who oversees Splunk Enterprise Security for the campus, is also a professor who teaches graduate-level security data analytics courses using the Splunk Academic Alliance. He integrates the Academic Alliance training directly into his curriculum. Initially optional, this training has now become a fundamental part of his teaching, linking analytics and Splunk in a real-world context that enhances both student learning and campus security. Beyond the classroom, the impact of the Academic Alliance program at UNLV extends to university employees. The cybersecurity team at UNLV is also trained through the program, ensuring that the entire security apparatus is proficient in the latest Splunk technologies. This comprehensive educational approach not only keeps the material fresh for instructors like Professor Griffin but also continually advances the cybersecurity capabilities of the university. Through such initiatives, UNLV is not just a beneficiary of the Splunk Academic Alliance but a vibrant example of its success in action.  
For more detailed insights, you can explore the full case study here.
I have been working through the Splunk data models module and have been trying to get 100% on the data models quiz. I have gone through it about 20 times, getting 93%, and I have narrowed the question that is wrong down to: What do Pivots require to create visualizations in Splunk? Select all that apply. I have tried every combination I can think of that could be valid but cannot get a correct answer. I have seen in another post that someone was having problems with this quiz so maybe the quiz has a wrong answer? Any help answering this would be appreciated as it has been frustrating me.
I recently took my Splunk Power user exams and I wish to know how long it takes to receive the results? Thank you.
October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s edition of indexEducation, the newsletter that takes an untraditional twist on what’s new with Splunk Education. We hope the updates about our courses, certification program, and self-paced training will feed your obsession to learn, grow, and advance your careers. Let’s get started with an index for maximum performance readability: Training You Gotta Take | Things You Needa Know | Places You’ll Wanna Go Training You Gotta Take SOAR like an eagle | Investigating Incidents with Splunk SOAR Ready to elevate your security skills and soar above the rest? Our instructor-led course, Investigating Incidents with Splunk SOAR, will have you flying through security incidents with confidence. In this three-hour course, you’ll learn SOAR concepts, investigations, running actions and playbooks, and managing cases with workflows. Designed for security practitioners, this hands-on course with labs equips you to respond, investigate vulnerabilities, and take action to keep your organization secure. All you need is some basic security operations knowledge, and you're ready to take flight.  Gotta learn to SOAR | Instructor-led with hands-on labs  Learn it blog-style | Splunk Learn  As if instructor-led training, eLearning with labs, free eLearning, Splunk University, Lantern, and YouTube weren’t enough ways to learn, we’ve got one more!  The Splunk Learn blog is another learn-at-your-own-pace-on-your-own-time option for tips, tutorials, and insights about Splunk and using Splunk.  Learn Blogs are a great complement to our Splunk Education curriculum, serving to reinforce what you may have learned in class or a way to test your skills with a new use case.  
But please don’t be overwhelmed with all the ways we have your back, just know we come at it like “Yo, different strokes for different folks.”  Gotta learn from stories | Learn blogs Things You Needa Know How to be like Brandon | SMARTNESS Series, Episode 3 Ever listen to a podcast or watch a show where someone’s story totally resonates, and you think, Wow, that could be me? Well, that’s exactly the vibe of our SMARTNESS series. It’s like the career-growth version of “What Now?” with Trevor Noah. In Episode 3, we spotlight Brandon Sternfield. His journey through Splunk training, hands-on learning, and connecting with the incredible Splunk community helped him unlock new career possibilities. If you’re looking for that spark to ignite your own career growth, then you gotta’ meet Brandon. Needa be inspired | Meet Brandon Career moves | Vids and tips about Splunk Education Think of it like TikTok – quick, interesting, but with less dancing! In this short video, you’ll meet the duo of Alex and Ashley. Alex dives into how learning Splunk can fuel your career growth – no matter where you work – while Ashley shares her insider tips on standing out as a top candidate. Whether you're looking to expand your skills or land your next big role, Splunk Education and these expert tips are the perfect moves to help you succeed. Needa hear from experts | Splunk career tips Places You’ll Wanna Go Meet Duke Cyberwalker | A hero’s journey with Splunk We like to say, the lightsaber is to Luke as Splunk is to Duke. Curious yet? Then read Eric Fusilero’s latest blog about the thrilling saga of Duke Cyberwalker, a fresh college grad turned cybersecurity hero. It’s not just a creative and engaging narrative, it's a metaphor for daily professional challenges and growth. Join Duke on his epic adventure and discover how you, too, can transform the mundane into an adventure with Splunk. Go meet a hero | A blog of adventure Splunk YouTube | Short videos. Big impact. 
Wearing shorts to a red carpet event? Probably not the best look. But Splunk How-To YouTube Shorts? Now that’s always appropriate! We’re excited to announce a new series of bite-sized videos dedicated to helping you ace your Splunk Certification. Whether you’re preparing for the exam or just brushing up on key concepts, these quick, engaging videos give you the tips and tricks you need – in under 60 seconds! So, if you’re ready to level up your skills, check out the Splunk How-To YouTube Shorts and get one step closer to your certification goals. Go get them shorts | Splunk Certification in seconds Find Your Way | Learning Bits and Breadcrumbs Go Chat | Join our Community User Group Slack Channel Go Stream It  | The Latest Course Releases (Some with Non-English Captions!) Go Last Minute | Seats Still Available for ILT Go to Lantern | For Ways to Use Splunk More Efficiently Go to STEP | Get Upskilled Go Discuss Stuff | Join the Community Go Social | LinkedIn for News Go Index It | Subscribe to our Newsletter Thanks for sharing a few minutes of your day with us – whether you’re looking to grow your mind, career, or spirit, you can bet your sweet SaaS, we got you. If you think of anything else we may have missed, please reach out to us at indexEducation@splunk.com.    Answer to Index This:  44 + 4/4 = 45
If you’re in the Washington, D.C. area, this is your opportunity to take your career and Splunk skills to the next level by attending Splunk GovSummit on December 11, 2024. Register today!   Insights, Innovation, and Resilience This one-day event offers public sector tech leaders a platform to exchange ideas and best practices to tackle evolving threats, drive innovation, and improve services for residents. The event will cover the latest trends in observability and cybersecurity, focusing on challenges like safeguarding critical systems, adopting AI responsibly, and meeting compliance standards. Attendees will gain insights from government and industry experts on building digital resilience to achieve mission success. Bonus! Two Hands-On Training Courses Just for You  Splunk Education-experienced trainers will be onsite to teach two 7-hour technical workshops, perfect for anyone in the area who wants to sharpen their skills.    SOC Essentials: Investigating and Threat Hunting   A beginner-to-intermediate course where participants will learn to analyze events and hunt threats like a pro. Time: 9:00 AM - 4:00 PM  Price: $900 or 90 Training Units     Exploring and Analyzing Data with Splunk An intermediate-to-advanced course that dives deep into business insights, data analysis, and custom visualizations.  Time: 9:00 AM - 4:00 PM  Price: $900 or 90 Training Units     Register today! Secure your spot and register today to enhance your skills and make meaningful connections at Splunk GovSummit 2024.       See you in class at Splunk GovSummit, Washington, D.C.    – Callie Skokos on behalf of the Splunk Education Crew
Hello everyone, I am a programmer at Terus. After being promoted, I am managing a small group of programmers. Terus will soon receive an order from a domestic enterprise and my boss wants to assign it to me and my new team. The order's requirements are quite simple but require the use of some features from Splunk. I already have basic knowledge when using Splunk, but after surveying, the young people (5 people) in my group do not know anything about Splunk. Currently, I will have 2 months to train them to prepare for the project. But I tried to teach them in the first week but it seems not very feasible. When searching on the document, I accidentally found the community and a few people are admins and engineers of Splunk. Today, I want to ask everyone about the best way to learn for new people so that in the next month they can be confident to do the project. Note: These members are quite smart and agile but it seems that my communication is not very good so I need help from everyone. Hope to receive everyone's sharing.
Hi guys, Looking to up my skill on this and wondering what do you guys suggest around this and what the best training certification would be on this. But I think you need to be on the cloud for this even if you have the ES? I know I can't use mission control either as we are not on the cloud. What would you recommend other than mission control? Thanks Ahmed
Louisiana State University (LSU) is shaping the next generation of cybersecurity professionals through its student-powered SOC program, made possible by the Splunk Academic Alliance program. This initiative not only provides hands-on experience with Splunk tools but also protects 18 higher education institutions across Louisiana, with plans to expand to 38 by 2025. Students gain up to 1,000 hours of real-world security operations experience each year, working side-by-side with TekStream experts to manage incidents and enhance statewide security.     For the Splunk community, this story highlights how the Academic Alliance program is actively preparing students to become the skilled professionals you’ll soon collaborate with in the workforce. Through exposure to Splunk Enterprise Security and SOAR platforms, these students are learning the tools and techniques essential to their future roles—giving them a head start as they enter the job market.  Read the full case study to explore how this program is laying the foundation for a more secure future, driven by the talent you’ll be working with tomorrow.
At Splunk Education, we are committed to providing a robust learning experience for all users, regardless of skill level or learning preference. Whether you’re just starting your journey with Splunk or sharpening advanced skills, our broad range of educational resources ensures you’re prepared for every step.

Our Portfolio

We offer Free eLearning to kickstart your learning, eLearning with Labs for hands-on practice, Instructor-led courses for interactive, expert guidance, and Splunk Certifications to validate your expertise. For quick tips and insights, explore our Splunk YouTube How-Tos and Splunk Lantern, where you'll find up-to-date guidance and best practices that reflect the latest in Splunk's capabilities.

New Courses Available

Every month, we release new courses designed to empower learners with the tools and knowledge they need to stay ahead in the evolving tech landscape. Whether you prefer self-paced eLearning or the structure of live instruction, there’s a course to fit your style. This month, we are excited to announce three new courses to help you advance your Splunk skills:

- SOC Essentials: Investigating with Splunk – eLearning with labs
- SOC Essentials: Investigating with Splunk – Free eLearning
- Administering Splunk Observability Cloud – Free eLearning

These courses provide targeted insights into security operations and observability, essential for anyone looking to enhance their data-driven capabilities. Explore them today to stay ahead in your field! All courses are available through the Splunk Course Catalog, accessible via our banner or directly on our platform.

Expanding Global Learning Access

As part of our commitment to accessibility and inclusion, we continue to translate eLearning courses into multiple languages and add non-English captions. This effort ensures that learners worldwide can grow their Splunk expertise in their preferred language, supporting our vision of an inclusive educational ecosystem.
Each month presents new opportunities to expand your knowledge, boost your career, and enhance your contributions to enterprise resilience. Stay updated with the latest courses and continue your journey toward Splunk mastery – your next big career move could be just a course away. See you next month!  - Callie Skokos on behalf of the Splunk Education Crew
We like to say, the lightsaber is to Luke as Splunk is to Duke. Curious yet? Then read Eric Fusilero’s latest blog about the thrilling saga of Duke Cyberwalker, a fresh college grad turned cybersecurity hero. It’s not just a creative and engaging narrative, it's a parable about daily professional challenges and growth. Join Duke on his epic adventure and discover how you, too, can transform the mundane into an adventure with Splunk.

Here’s a sneak peek into the transformative stages of his hero’s journey:

The Ordinary World: Duke begins his journey as a young, brilliant coder just out of college. He dreams of adventure but despite his potential, he struggles with self-doubt.

The Call to Adventure: Duke’s life takes a turn when he is asked to help thwart a cyber attack at his mother’s mid-sized retail business. Although her company uses Splunk, it was attacked by Black Hat Bot, which is stealing company data, sending out false and alarming information, and creating an environment of distrust. She doesn’t have a cybersecurity expert on site to optimize the platform and disarm the bot. She looks to Duke for help.

Refusal of the Call: At first, Duke is hesitant to get involved because he doesn’t feel like he is qualified to take on Black Hat Bot. He has yet to put his cybersecurity skills to the test and hasn’t yet worked with Splunk. He does not feel confident enough to take on Black Hat Bot.

Read the full blog here.
Hello,

Per the official AppDynamics documentation, a single node Event Service cluster is not supported for production and should be used for PoV or testing purposes only. By default Event Service will be installed as "production" deployment, and expects such deployment to be on, hence it will fail/crash if it is run on single node.

To run a Single node, you will need to configure the events-service-api-store.yml accordingly:

1. Comment out the following line (by putting "#" in front of the below line):
   cluster.initial_master_nodes: ${ad.es.cluster.initial_master_nodes}
2. Add the following line under the above:
   discovery.type: single-node
3. Comment out the following line (by putting "#" in front of the below line):
   discovery.seed_hosts: ${ad.es.node.unicast.hosts}
4. Restart Event Service to apply new configs.

Reference: https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html#single-node-discovery

If you encounter any issues when running the above configurations, please reach out to the AppDynamics support organization.
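The file edits from the post above, as an added shell example that is not part of the original post and is not AppDynamics tooling: it writes an edited copy of the file and checks the result before the restart. The sample file content, the function names and the assumption that each setting sits on its own line are this example's, not the page's.

```shell
#!/bin/sh
# Added example, not AppDynamics code. File contents below are constructed.

# Constructed stand-in for the relevant part of events-service-api-store.yml.
sample_config() {
cat <<'EOF'
node.name: constructed-node
cluster.initial_master_nodes: ${ad.es.cluster.initial_master_nodes}
discovery.seed_hosts: ${ad.es.node.unicast.hosts}
EOF
}

# to_single_node IN OUT: write an edited copy of IN to OUT (IN is left untouched).
# Returns non-zero if there was no line under which to add discovery.type.
to_single_node() {
    # Do not add a second discovery.type if one is already active.
    if grep -Eq '^[[:space:]]*discovery\.type:' "$1"; then add=0; else add=1; fi
    awk -v add="$add" '
        /^[ \t]*cluster\.initial_master_nodes:/ {
            # Keep the indentation of the line being commented out.
            indent = $0; sub(/[^ \t].*$/, "", indent)
            print "#" $0
            if (add) { print indent "discovery.type: single-node"; add = 0 }
            next
        }
        /^[ \t]*discovery\.seed_hosts:/ { print "#" $0; next }
        { print }
        END { exit (add ? 1 : 0) }
    ' "$1" > "$2"
}

# check_single_node FILE: succeed only if both multi-node discovery settings
# are inactive and exactly one discovery.type: single-node line is active.
check_single_node() {
    if grep -Eq '^[[:space:]]*(cluster\.initial_master_nodes|discovery\.seed_hosts):' "$1"; then
        return 1
    fi
    [ "$(grep -Ec '^[[:space:]]*discovery\.type:[[:space:]]*single-node[[:space:]]*$' "$1")" -eq 1 ]
}

# Stand-alone use: sh this-script.sh IN OUT
if [ "$#" -eq 2 ]; then
    to_single_node "$1" "$2" && check_single_node "$2" && echo "single-node config OK: $2"
fi
```

Running it on an already-edited file leaves the content unchanged, so it is safe to re-run; review the output copy before replacing the live file.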