£26.99
On-Demand course
5 hours 27 minutes
All levels
In this course, you will learn to create effective visualizations for different stakeholders with the Splunk web framework, utilize tokens and event handlers, explore SDKs, interact with REST APIs, and build a test lab for log analysis and incident response.
Splunk offers extensive flexibility in the enterprise edition to help developers build robust applications. The development in Splunk path will equip you with the knowledge and skills to build enterprise-grade applications by utilizing the best of what the platform has to offer, taking your foundational knowledge to more advanced levels. In this course, we will explore Splunk application planning, understanding and preparing data, creating apps and visualizations, result validation, and advanced release/management options. The course starts with setting up Splunk on the cloud and locally, and choosing the right platform for you. Then, you'll learn about the features, components, types, and more of Splunk. After that, you'll learn about Splunk apps and how to create them, integrate data inputs, and maintain them. Next, you'll look at Splunk's REST API, SDK, and KV-Store, and explore the HTTP Event Collector (HEC).
Finally, in the last section, you'll use this knowledge to build a Splunk web application. By the end of this course, you'll be able to create effective visualizations for different stakeholders with the Splunk web framework, utilize tokens and event handlers, explore SDKs, interact with REST APIs, and build a test lab for log analysis and incident response. All the resource files are uploaded on the GitHub repository at https://github.com/PacktPublishing/Splunk-for-Beginners-Make-the-Most-of-Machine-Data-Using-Splunk
Set up the environment
Look at the features of Splunk
Learn about the Splunk REST API
Use tokens, event handlers, and custom visualizations
Explain how REST APIs and the KV Store work
Plan and create secure apps within the Splunk web framework
This course will be highly beneficial for individuals who are familiar with Splunk but lack experience with enterprise administration options. Software developers, system administrators, search analysts, security professionals, and database administrators will also benefit and learn in depth about the Splunk web framework.
This course is a blend of practical and theory videos, keeping the concepts easy to digest and to put into practice at the same time. It is a concise yet complete course that helps you build your web application.
Build the web application from scratch
Get access to all the resources used to build a web application
Create dashboards and forms to meet organizational needs
Cyber Academy is one of the leading institutions in the Southeast Europe region to provide a hands-on program that dives deep into different subjects of technology using 'Learn by Doing' methods. Their students are more focused on practical knowledge and skill development than pure theory. Their primary focus is cybersecurity, blockchain, and artificial intelligence.
1. Getting started with Splunk
1. What is Splunk? This video provides a brief introduction to the main capabilities of Splunk. In order to understand this thoroughly, we'll learn about machine data.
2. Setting Up Splunk Locally: In this video, you'll be setting up Splunk locally. This video will be entirely hands-on; we will walk you through every step you need to set up Splunk locally.
3. Setting Up Splunk Cloud: In this video, you'll be setting up Splunk Cloud. This video will be hands-on, and we will be walking you through every step you need to do.
4. Choosing the Right Platform: This video explains the difference between Splunk Cloud and on-premises. Information shared in this video will help you decide whether to set up Splunk Cloud or set up Splunk locally.
5. Installing Development Tools: In this video, you'll be installing development tools. This video will be hands-on, and we will walk you through the entire process of installing the development tools.
2. Introduction to Splunk
1. Splunk Enterprise Features: In this video, you'll be looking at Splunk enterprise features. You'll be learning about the dashboard and visualizations of data, how we monitor and report data, and the utilization of metrics data to boost search performance. Finally, you'll be exploring Splunk Search Processing Language (SPL).
2. Exploring Splunk Enterprise: In this video, you'll be focusing on uploading data and indexing. You'll learn how indexers and uploading work, explore the Add Data page in Splunk Web, and talk about the importance of forwarders.
3. Splunk Enterprise Processing Components: In this video, you'll dive deeper into forwarders. There are three kinds of forwarders, and each of these forwarders has a part in Splunk enterprise. You'll also learn about indexers, search heads, and deployment servers.
4. Splunk Enterprise Managing Components: In this video, you'll look at the license master, monitoring console, and deployment server. You'll also take a deep look into the monitoring console and deployment server.
5. Splunk Deployment Types: In this video, you'll take a look at Splunk deployment types. Single-instance deployments and distributed deployments will be the key topics. You'll also be learning about small, medium, and large enterprise.
6. Splunk Enterprise Users and Administration: In this video, you'll be discussing the five primary personas that use Splunk enterprise; capacity requirements; and a thorough explanation of the backups. After that, you'll analyze the steps of upgrading Splunk enterprise.
7. Splunk Enterprise Security: In this video, you'll be exploring the world of Splunk enterprise security. You'll start with user authentication and continue with important topics such as transport security, forwarder security, auditing Splunk activity, SSO with Splunk, and LDAP integration.
8. Splunk Enterprise Troubleshooting and Optimization: In the last video, you'll study basic troubleshooting and optimization, go through the Splunk enterprise logs one by one, and finally learn about license violations.
3. Building Splunk Apps
1. What are Splunk Apps? In this video, you'll be discussing Splunk apps: where Splunk apps are hosted, what Splunk add-ons are, and use cases of why you should make a Splunk app.
2. Creating the First Splunk App: In this video, you'll be going through the process of creating a Splunk app, creating dashboards, SplunkJS and creating files on the Splunk app.
3. Integrating Data Inputs: In this video, you'll take a deep dive into integrating data inputs. You'll look at how structured data and network security data work, the data input methods, network events, HTTP event collector, universal forwarders and heavy forwarders.
4. Release and Maintain Splunk Apps: In this video, you'll be learning when apps should be deployed. You'll explore how Splunk app packages are deployed; cloud vet and release; how managing private apps in Splunk Cloud works; and how to uninstall the private app in Splunk Cloud. Through different diagrams, you'll visualize some of the processes.
4. Developing with Splunk's REST API
1. Splunk REST API: In this video, you'll be learning about the Splunk REST API: request methods, encoding schema, and interacting with the API.
2. Splunk SDK: In this video, you'll look at the Splunk SDK. You'll understand the importance of authentication and authorization, the process of searching in different modes, and how to display search results.
3. Splunk KV-Store: In this video, you'll learn about the KV-Store or App Key-Value store. You'll see what KV-Store is used for, how we create KV collections, lookup and output lookup.
4. Splunk HTTP Event Collector (HEC): In this video, you'll learn about HTTP Event Collector (HEC). You'll understand how data is sent to the HEC and logging libraries (JS).
5. Assembling the Pieces
1. Building a Splunk Web Application: In this video, you'll build a web application using Splunk. Python and the Flask microframework will also be used. This app will enable the user to interact with the visualized data; like all other web applications, the standard templates will be used along with CSS to style web pages to build this app.