0
Shopping cart
( 0 items )
Remove all
Subtotal
(Before tax)
0
View Shopping Cart
Education Services
Education Services
Arrow Electronics, Inc.

Administering Splunk SOAR

CODE: SPL_ASS

LENGTH: 1,12 Hours (0,14 days)

PRICE: kr5 075,00

Expand all
Description

This 3 hour course prepares IT professionals to configure and manage SOAR.

Objectives

  • SOAR concepts

  • Initial configuration

  • Apps and assets

  • Configuring automation

  • User management

  • Ingesting Data

  • Customization and monitoring

Prerequisites

Classes:

  • Investigating Incidents with Splunk SOAR

Programme

Topic 1 –Initial Configuration

  • Describe SOAR operating concepts

  • Identify documentation and community resources

  • SOAR & Splunk Architecture

  • Product settings

  • Access control

  • Authentication settings

  • Response settings

  • Understanding roles

  • Creating users

  • Managing user access

Topic 2 – Apps, Assets and Playbooks

  • Add and configure apps and assets

  • Manage playbooks

  • Ingesting Data

  • Labels and tags

  • Event settings

    • Topic 3 – Customization and Monitoring

    • Create custom severity levels

    • Create custom status levels

    • Add custom fields and CEF settings

    • Create custom workbooks

    • Run reports

    • Use SOAR audit tools

    • Monitor system health

      • Session Dates