Creating Workflow Actions in Splunk
Have you been wanting to use your data better within Splunk? This course will give you the knowledge and tools to help you learn more about this SIEM, the workflow actions possible within it, and how to use them to add more context to your data.
What you'll learn
In today's IT environments, there is a lot of talk regarding integrations between technologies and products, as well as the ability to add more context to the data that you see and use. Splunk's workflow actions can help add context to your data, or use it effectively for multiple purposes. Taking advantage of HTTP GET and POST request formats, these actions can reduce administration time and drastically increase productivity while using Splunk, as well as allow you to perform additional searches based on pre-defined criteria. This course will teach you everything that you need to know about the three default workflow actions in Splunk, as well as how to configure them to suit your own needs. We'll step through the knowledge and the configuration of GET workflow actions, POST workflow actions, and search workflow actions so that by the time you're finished with this course, you'll be able to step in and use your data better.
Table of contents
About the author
Joe Abraham, CCIE #62417, is a Network Security Consultant working in the public sector space, assisting customers develop and implement functional and secure network architectures. He graduated from Excelsior College with an M.S. in Cybersecurity and a B.S. in Information Technology (Network Management). He currently holds many IT certifications to include CCIE, CISSP, GSEC, and CCNP Security. He is also a member of the GIAC Advisory Board. Joe is a mentor to IT professionals and a blogger who ... more