Splunk for Security Analytics and Monitoring
Splunk offers IT technicians a single-pane inventory, performance and security monitoring interface for on-premises and cloud-based devices, servers, apps and services. In this course, learn how to plan the deployment and management of a Splunk ecosystem to provide a centralized way to monitor the performance and security of on-premises and cloud-based IT devices and software services.
Instructor Daniel Lachance shows you how to deploy Splunk servers on-premises and in the cloud followed by configuring a variety of data sources such as Microsoft Active Directory and LInux log files, to forward their events to a Splunk indexer. Then, work with the Splunk web GUI, perform queries, manage dashboards, reports and alerts, and learn how to use playbooks to automate event workflows.