Security

Enterprise Security, hands-on workshop

17th March 2021
12:00PM – 3:00PM AEDT

Enterprise Security is a modular, hands-on workshop designed to familiarise participants with how to investigate incidents using Splunk Enterprise and Splunk Enterprise Security. This workshop gives users an opportunity to walk through multiple scenarios and see first-hand how Enterprise Security can be used from the creation of a notable event, through investigation, all the way to the raw event that identifies the adversary's action. The workshop leverages the popular Boss of the SOC (BOTS) dataset and is laid out in an interactive format. Users will leave with a better understanding of how Splunk and Enterprise Security can be used to generate notable events and investigate them as they occur in the enterprise.

Prerequisites: None


Building Correlation Searches with Splunk, hands-on workshop

31st March 2021
12:00PM – 3:30PM AEDT

This is a modular, hands-on workshop designed to show participants how to leverage Splunk to develop their own correlation searches. Users will gain familiarity with building correlation searches in Splunk and will be introduced to data models and the tstats command, which give users a method to further optimise their correlation searches. The workshop leverages the popular Boss of the SOC (BOTS) dataset with hands-on exercises that build on one another. Users will come away with a better understanding of how to build their own correlation searches in Splunk as well as how to customise their associated notable events to provide more immediate insights to their analysts.

Prerequisites: Splunk Fundamentals 1 (highly recommended); the Enterprise Security hands-on workshop or some ES experience is also recommended.


Advanced Persistent Threat Hunting with Splunk, hands-on workshop

21st April 2021
12:00PM – 3:00PM AEST

APT hunting with Splunk is a modular, hands-on workshop designed to provide a deeper dive into an Advanced Persistent Threat while providing an opportunity for participants to develop hypotheses and hunt. This workshop leverages Splunk and Enterprise Security and introduces how models like the Lockheed Martin Kill Chain, MITRE ATT&CK and Diamond Model can be used to contextualise their hunts. The workshop leverages the popular Boss of the SOC (BOTS) dataset in a multi-hunt format. Users will leave with a better understanding of how Splunk can be used to hunt for threats within their enterprise.

Prerequisites: None


IT

Machine Learning, hands-on workshop

10th March 2021
12:00PM – 3:00PM AEDT

A 3-hour session where attendees will get an introduction to Splunk's Machine Learning Toolkit (MLTK). They will gain hands-on experience by solving Machine Learning Challenges, with results collected on dashboards in their own AWS-hosted Splunk instance. During this interactive, hands-on workshop we will also cover Exploratory Data Analysis, how to detect outliers and more!

Who should attend?
Existing Splunk users who want an intro and a first hands-on experience with MLTK
Analytics / BA/BI / Data Science teams who want to learn more about Splunk and MLTK
IT Ops / Security / IoT Splunk users who want to learn more about Splunk and MLTK

Prerequisites: Splunk Power User certification as a minimum (more is always better)


Data Onboarding, hands-on workshop

24th March 2021
12:00PM – 3:00PM AEDT

A hands-on workshop that focuses on Splunk as a platform and the ability to onboard data into Splunk. This workshop explores the various ways to gather inputs, best practices and the various methods to bring data into Splunk, including: Collecting Data, Indexing Best Practices, Field extraction and CIM compliance.

Who should attend? Splunk administrators responsible for onboarding data, creating knowledge objects and eventually building TAs. Ideally, you should be familiar with Splunk and its main principles. We will not explain Splunk basics during this workshop; we jump directly into how to do things and apply best practices.

Prerequisites: Splunk Power User certification as a minimum (more is always better)


Splunk ITSI for Ninjas, hands-on workshop

14th April 2021
12:00PM – 3:00PM AEST

This workshop provides a focused, hands-on experience using Splunk ITSI’s various workflows for troubleshooting IT problems. In this workshop you will learn about the basic AIOps features provided by ITSI and SAI:
Service Monitoring, technical and business
Multiple ways to visualize service health and correlate KPIs
Various ML features
Integration points to Splunk Enterprise, other Splunk products

The Splunk ITSI for Ninjas largely builds upon KPIs and services that are already defined. This allows you to experience the ease-of-use of ITSI, without having to learn SPL from scratch.

Prerequisites: The Splunk ITSI for Ninjas largely builds upon KPIs and services that are already defined. This allows you to experience the ease-of-use of ITSI, without having to learn SPL from scratch.


Splunk Search Party hands-on workshop

28th April 2021
12:00PM – 3:00PM AEST

The Splunk Search Party Workshop is a hands-on workshop to allow you to become familiar with the most popular Splunk search commands, build dashboards, and create an alert. This is a great introduction to Splunk if you are considering it for your organisation.

Prerequisites: Although this hands-on workshop doesn't require any Splunk experience, it's recommended that you complete our free Fundamentals I online training.


