Splunk for Beginners: Make the Most of Machine Data Using Splunk

  • 30 Day Money Back Guarantee
  • Completion Certificate
  • 24/7 Technical Support

Highlights

  • On-Demand course

  • 5 hours 27 minutes

  • All levels

Description

In this course, you will learn to create effective visualizations for different stakeholders with the Splunk web framework, utilize tokens and event handlers, explore SDKs, interact with REST APIs, and build a test lab for log analysis and incident response.

Splunk offers extensive flexibility in the enterprise edition to help developers build robust applications. The development in Splunk path will equip you with the necessary knowledge and skills to build enterprise-grade applications by utilizing the best of what the platform has to offer, taking your foundational knowledge to more advanced levels. In this course, we will be exploring Splunk application planning, understanding and preparing data, creating apps and visualizations, result validation, and advanced release/management options. The course starts with setting up Splunk on the cloud and locally, and choosing the right platform for you. Then, you'll learn about Splunk's features, components, types, and more. After that, you'll learn about Splunk apps and how to create them, integrate data inputs, and maintain them. Next, you'll look at Splunk's REST API, SDK, and KV-Store. You'll explore the HTTP Event Collector (HEC).
Finally, in the last section, you'll use this knowledge to build a Splunk web application. By the end of this course, you'll be able to create effective visualizations for different stakeholders with the Splunk web framework, utilize tokens and event handlers, explore SDKs, interact with REST APIs, and build a test lab for log analysis and incident response. All the resource files are uploaded on the GitHub repository at https://github.com/PacktPublishing/Splunk-for-Beginners-Make-the-Most-of-Machine-Data-Using-Splunk

What You Will Learn

Set up the environment
Look at the features of Splunk
Learn about the Splunk REST API
Use tokens, event handlers, and custom visualizations
Explain how REST APIs and the KV Store work
Plan and create secure apps within the Splunk web framework

Audience

This course will be highly beneficial for individuals who are familiar with Splunk but lack experience with enterprise administration options. Software developers, system administrators, search analysts, security professionals, and database administrators will also benefit and learn in-depth about the Splunk web framework.

Approach

This course is a blend of practical and theory videos in order to keep the concepts easy to digest and simultaneously execute. It is a concise yet complete course that helps you build your web application.

Key Features

  • Build the web application from scratch
  • Get access to all the resources used to build a web application
  • Create dashboards and forms to meet organizational needs

GitHub Repo

https://github.com/PacktPublishing/Splunk-for-Beginners-Make-the-Most-of-Machine-Data-Using-Splunk

About the Author
Cyber Academy

Cyber Academy is one of the leading institutions in the Southeast Europe region to provide a hands-on program that dives deep into different subjects of technology using 'Learn by Doing' methods. Their students are more focused on practical knowledge and skill development than pure theory. Their primary focus is cybersecurity, blockchain, and artificial intelligence.

Course Outline

1. Getting started with Splunk

1. What is Splunk?

This video provides a brief introduction to the main capabilities of Splunk. In order to understand this thoroughly, we'll learn about machine data.

2. Setting Up Splunk Locally

In this video, you'll be setting up Splunk locally. This video will be entirely hands-on; we will walk you through every step you need to set up Splunk locally.

3. Setting Up Splunk Cloud

In this video, you'll be setting up Splunk Cloud. This video will be hands-on, and we will be walking you through every step you need to do.

4. Choosing the Right Platform

This video explains the difference between Splunk Cloud and on-premises. Information shared in this video will help you decide whether to set up Splunk Cloud or set up Splunk locally.

5. Installing Development Tools

In this video, you'll be installing development tools. This video will be hands-on, and we will walk you through the entire process of installing the development tools.

2. Introduction to Splunk

1. Splunk Enterprise Features

In this video, you'll be looking at Splunk enterprise features. You'll be learning about the dashboard and visualizations of data, how we monitor and report data, and the utilization of metrics data to boost search performance. Finally, you'll be exploring Splunk Search Processing Language (SPL).

2. Exploring Splunk Enterprise

In this video, you'll be focusing on uploading data and indexing. You'll learn how indexers and uploading work, explore the Add Data page in the Splunk web, and talk about the importance of forwarders.

3. Splunk Enterprise Processing Components

In this video, you'll dive deeper into forwarders. There are three kinds of forwarders, and each of these forwarders has a part in Splunk enterprise. You'll also learn about indexers, search heads and deployment servers.

4. Splunk Enterprise Managing Components

In this video, you'll look at the license master, monitoring console and deployment server. You'll also take a deep look into the monitoring console and deployment server.

5. Splunk Deployment Types

In this video, you'll take a look at Splunk deployment types. Single-instance deployments and distributed deployments will be the key topics. You'll also be learning about small, medium and large enterprise.

6. Splunk Enterprise Users and Administration

In this video, you'll be discussing the five primary personas that use Splunk enterprise and capacity requirements, with a thorough explanation of the backups. After that, you'll analyze the steps of upgrading Splunk enterprise.

7. Splunk Enterprise Security

In this video, you'll be exploring the world of Splunk enterprise security. You'll start with user authentication and continue with important topics such as transport security, forwarder security, auditing Splunk activity, SSO with Splunk and LDAP integration.

8. Splunk Enterprise Troubleshooting and Optimization

In the last video, you'll study basic troubleshooting and optimization, go through the Splunk enterprise logs one by one, and finally learn about license violations.

3. Building Splunk Apps

1. What are Splunk Apps?

In this video, you'll be discussing Splunk apps: where Splunk apps are hosted, what Splunk add-ons are, and use cases of why you should make a Splunk app.

2. Creating the First Splunk App

In this video, you'll be going through the process of creating a Splunk app, creating dashboards, SplunkJS and creating files on the Splunk app.

3. Integrating Data Inputs

In this video, you'll take a deep dive into integrating data inputs. You'll look at how structured data and network security data work, the data input methods, network events, HTTP event collector, universal forwarders and heavy forwarders.

4. Release and Maintain Splunk Apps

In this video, you'll be learning when apps should be deployed. You'll explore how Splunk app packages are deployed; cloud vet and release; how managing private apps in Splunk Cloud works; and how to uninstall the private app in Splunk Cloud. Through different diagrams, you'll visualize some of the processes.

4. Developing with Splunk's REST API

1. Splunk REST API

In this video, you'll be learning about the Splunk REST API: request methods, encoding schema, and interacting with the API.

2. Splunk SDK

In this video, you'll look at the Splunk SDK. You'll understand the importance of authentication and authorization, the process of searching in different modes, and how to display search results.

3. Splunk KV-Store

In this video, you'll learn about the KV-Store, or App Key-Value store. You'll see what the KV-Store is used for, how we create KV collections, and how lookup and output lookup work.

4. Splunk HTTP Event Collector (HEC)

In this video, you'll learn about the HTTP Event Collector (HEC). You'll understand how data is sent to the HEC and look at logging libraries (JS).

5. Assembling the Pieces

1. Building a Splunk Web Application

In this video, you'll build a web application using Splunk. Python and the Flask microframework will also be used. This app will enable the user to interact with the visualized data. As in other web applications, standard templates will be used along with CSS to style the web pages.

Course Content

  1. Splunk for Beginners: Make the Most of Machine Data Using Splunk

About The Provider

Packt
Birmingham
Founded in 2004 in Birmingham, UK, Packt’s mission is to help the world put software to work in new ways, through the delivery of effective learning and i...