Splunk 9: Generating Tailored Searches
Splunk knowledge is the cornerstone of IT operations. This course will give you the knowledge and tools to help you learn more about this SIEM, and how to use it to search for specific data using advanced queries.
What you'll learn
Splunk is used for many different applications within our enterprise environments, enabling us to store, analyze, and track machine data and other information within our networks. Knowing how to search is one thing, but understanding how to tailor your searches to find and manipulate specific data is tough! In this course, Splunk 9: Generating Tailored Searches, you'll learn the skills needed to optimize your Splunk environment. First, you’ll explore how to use lookup tables with Splunk queries. Then, you’ll discover various Splunk commands for statistics, visualizations, and evaluations to manipulate and view the data in different ways. After that, you’ll dive into subsearches, multivalue fields, and more Splunk commands surrounding these. Finally, you’ll learn how to tune your searches and filter your data to find exactly what you’re looking for. When you’re finished with this course, you'll have the knowledge to be able to use advanced search functionality and commands to filter and manipulate your data.
Table of contents
About the author
Joe Abraham, CCIE #62417, is a Cybersecurity Architect working in the public sector space, assisting customers develop and implement functional and secure network architectures. He graduated from Excelsior College with an M.S. in Cybersecurity and a B.S. in Information Technology (Network Management). He currently holds many IT certifications to include CCIE, CISSP, GSEC, and CCNP Security. Joe is a mentor to IT professionals and a blogger who spends his time either with his wife and three child... more