Creating Workflow Actions in Splunk

Have you been wanting to use your data better within Splunk? This course will give you the knowledge and tools to help you learn more about this SIEM, the workflow actions possible within it, and how to use them to add more context to your data.
Course info
Level
Intermediate
Updated
Aug 21, 2019
Duration
1h 10m
Description

In today's IT environments, there is a lot of talk regarding integrations between technologies and products, as well as the ability to add more context to the data that you see and use. Splunk's workflow actions can help add context to your data, or use it effectively for multiple purposes. Taking advantage of HTTP GET and POST request formats, these actions can reduce administration time and drastically increase productivity while using Splunk, as well as allow you to perform additional searches based on pre-defined criteria. This course will teach you everything that you need to know about the three default workflow actions in Splunk, as well as how to configure them to suit your own needs. We'll step through the knowledge and the configuration of GET workflow actions, POST workflow actions, and search workflow actions so that by the time you're finished with this course, you'll be able to step in and use your data better.

About the author

Joe is a Network Consulting Engineer and has worked in the IT industry since 2010. He has experience in teaching and mentoring IT professionals in both DoD environments and in the civilian sector, in both the networking and IT security fields.

Section Introduction Transcripts

Course Overview
Hi everyone, my name is Joe Abraham, and welcome to my course Creating Workflow Actions in Splunk. I'm currently a network security consultant and a Pluralsight author for both IT operations and security topics. Are you trying to expand the uses of your data that's collected from your environment? Have you been wanting to try to add some additional context to it as well? In this course, we're going to do that. We will help you create workflow actions to assist you in providing more flexibility with your data so that you can take advantage of it in every way that you can. Some of the major topics that we will cover include GET workflow actions, POST workflow actions, and search workflow actions. By the end of this course, you'll know how to create and manipulate these workflow actions in both the Splunk CLI and the GUI. Before beginning this course, you should be familiar with Splunk and be able to work with it, as well as have familiarity with basic IT terminology; knowledge of machine data would help out as well. From here, you should feel comfortable diving further into the Splunk learning path at Pluralsight and learning more about both Splunk and the data that you can send to it through courses on generating tailored searches and creating and managing knowledge objects. I hope you'll join me on this journey to learn more about Splunk with the Creating Workflow Actions in Splunk course at Pluralsight.