Splunk 9: Optimizing Fields, Tags, and Event Types
Splunk knowledge is the cornerstone of its operations. This course will give you the knowledge and tools to help you learn more about this SIEM, the knowledge within it, and how to manipulate it to create efficiencies.
What you'll learn
Splunk is used for many different applications within our enterprise environments, enabling us to store, analyze, and track machine data and other information within our networks. Managing the knowledge and knowledge objects that it uses can be cumbersome. In this course, Splunk 9: Optimizing Fields, Tags, and Event Types, you'll learn the skills needed to optimize your Splunk environment. First, you'll explore knowledge and knowledge objects. After, you'll learn about Splunk fields and how to extract and use them. Then, you'll delve into creating and using tags and event types. You'll explore how to enrich Splunk via lookups as well. Finally, you'll use Splunk macros and create efficiencies within them. When you’re finished with this course, you'll have the knowledge to be able to optimize Splunk and share the efficiencies you create with your enterprise.
Table of contents
About the author
Joe Abraham, CCIE #62417, is a Cybersecurity Architect working in the public sector space, assisting customers develop and implement functional and secure network architectures. He graduated from Excelsior College with an M.S. in Cybersecurity and a B.S. in Information Technology (Network Management). He currently holds many IT certifications to include CCIE, CISSP, GSEC, and CCNP Security. Joe is a mentor to IT professionals and a blogger who spends his time either with his wife and three child... more