Course Overview
The SOC Administrator learning path modules teach security admins to install, configure, and manage Enterprise Security on Splunk Enterprise.
This Learning Path is usually delivered over a period of 5 weeks, but students can choose to schedule their modules on a different timeline.
Prerequisites
To be successful, students should have a solid understanding of the following:
- How Splunk works
- Creating search queries
To prepare for any Splunk Role-Based Learning Path, students should complete these free introductory e-learning modules:
- What is Splunk? (WIS)
- Intro to Splunk (ITS)
- Using Fields (Free) (SUFF) OR Using Fields (SUF) (fee required; includes hands-on labs)
And before starting the SOC Administrator (Enterprise Security) On-Prem Learning Path, students should complete these free e-learning modules:
Course Content
The SOC Administrator (Enterprise Security) On-Prem Learning Path includes the following modules:
- Leveraging Lookups and Subsearches (LLS)
- Search Under the Hood (SUH) (e-learning)
- Intro to Knowledge Objects (IKO) (e-learning)
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Introduction to Dashboards (ITD)
- Dynamic Dashboards (SDD)
- Splunk Enterprise System Administration (SESA)
- Splunk Enterprise Data Administration (SEDA)
- Administering Splunk Enterprise Security (ASES)