Security

Phantom,
hands-on workshop

5th May 2021 *Registration for this event has ended.
12:00PM – 3:00PM AEST

The Phantom hands-on workshop is designed to familiarise participants with how to respond to incidents, manage cases and artefacts, as well as automate your incident response and standard operating procedures. This workshop provides users an opportunity to walk through a real-world scenario and see first-hand how Phantom can be used from the creation of a notable event, to enriching alerts by automatically gathering data, all the way to managing and resolving the incident.

Prerequisites: None


Enterprise Security,
hands-on workshop

19th May 2021 *Registration for this event has ended.
12:00PM – 3:00PM AEST

Enterprise Security is a modular, hands-on workshop designed to familiarise participants with how to investigate incidents using Splunk Enterprise and Splunk Enterprise Security. This workshop provides users an opportunity to walk through multiple scenarios and see first-hand how Enterprise Security can be used from the creation of a notable event, through investigation, all the way to the raw event that identifies the adversary's action. The workshop leverages the popular Boss of the SOC (BOTS) dataset and is laid out in an interactive format. Users will leave with a better understanding of how Splunk and Enterprise Security can be used to generate notable events and investigate them as they occur in the enterprise.

Prerequisites: None


Building Correlation Searches with Splunk,
hands-on workshop

9th June 2021 *Registration for this event has ended.
12:00PM – 3:00PM AEST

This is a modular, hands-on workshop designed to show participants how to leverage Splunk to develop their own correlation searches. Users will gain familiarity with building correlation searches in Splunk and will be introduced to data models and the tstats command, which give users a method to further optimise their correlation searches. The workshop leverages the popular Boss of the SOC (BOTS) dataset with hands-on exercises that build on one another. Users will come away with a better understanding of how to build their own correlation searches in Splunk as well as how to customise their associated notable events to provide more immediate insights to their analysts.

Prerequisites: Splunk Fundamentals 1 (highly recommended). The Enterprise Security hands-on workshop or some ES experience is also recommended.


GCP Security,
hands-on workshop

23rd June 2021 *Registration for this event has ended.
12:00PM – 3:00PM AEST

This is a scenario-based hands-on workshop designed for Splunk security customers already in or moving into Google Cloud Platform (GCP). The scenarios utilize different pieces of cloud-focused data and include an email investigation (using GMail), a key compromise against a custom Google Cloud Function, and a Storage Bucket investigation.

Prerequisites: None


AWS Security Episode 2,
hands-on workshop

7th July 2021
12:00PM – 3:00PM AEST

This workshop is designed to extend your knowledge into the AWS suite of solutions beyond EC2 and S3. During the workshop, hands-on investigations leveraging CloudTrail and CloudWatch data, as well as VPC Flow data, are provided. Data sets created by AWS security solutions, like GuardDuty and Security Hub, will be introduced as well. The workshop concludes with detections from ESCU and SSE to highlight the integration of AWS data sources into Enterprise Security. The workshop leverages the Boss of the SOC (BOTS) dataset with hands-on exercises throughout. Users will come away with a better understanding of the logging available to them from AWS and which events are important to collect to gain visibility into adversary actions in the environment.

Prerequisites: None


Kubernetes (K8s) Security Monitoring,
hands-on workshop

28th July 2021
12:00PM – 3:00PM AEST

The Kubernetes (K8s) Security Monitoring Workshop is a modular, hands-on workshop designed to familiarize participants with how to leverage Splunk to do security monitoring in environments that use Kubernetes container orchestration technology. The workshop first provides users an introduction to the Kubernetes technology, then moves into building familiarity with three different Kubernetes-focused data sources in Splunk by reviewing suspicious examples in those data sources. Splunk-provided detection content for Kubernetes environments will also be covered. The workshop leverages the popular Boss of the SOC (BOTS) dataset with hands-on exercises that build on one another. Users will come away with a better understanding of how to use Kubernetes-focused log data in Splunk to look for security-relevant events/incidents and operationalize their security monitoring in Kubernetes environments.

IT

Machine Learning,
hands-on workshop

12th May 2021 *This event has passed.
12:00PM – 3:00PM AEST

A 3-hour session in which attendees will get an introduction to Splunk's Machine Learning Toolkit (MLTK). They will gain hands-on experience by solving Machine Learning Challenges, with results collected on dashboards in their own AWS-hosted Splunk instance. During this interactive, hands-on workshop we will also cover Exploratory Data Analysis, how to detect outliers, and more!

Who should attend? Existing Splunk users who want an intro and a first hands-on experience with MLTK; Analytics / BA/BI / Data Science teams who want to learn more about Splunk and MLTK; and IT Ops / Security / IoT Splunk users who want to learn more about Splunk and MLTK.

Prerequisites: Splunk Power User certification as a minimum (more is always better)


Data Onboarding,
hands-on workshop

26th May 2021 *Registration for this event has ended.
12:00PM – 3:00PM AEST

A hands-on workshop that focuses on Splunk as a platform and the ability to onboard data into Splunk. This workshop explores the various ways to gather inputs, best practices and the various methods to bring data into Splunk, including collecting data, indexing best practices, field extraction and CIM compliance.

Who should attend? Splunk administrators responsible for onboarding data, creating knowledge objects and eventually building TAs. Ideally, you should be familiar with Splunk and its main principles. We will not explain Splunk basics during this workshop; we jump directly into how to do things and apply best practices.

Prerequisites: None


Splunk ITSI for Ninjas,
hands-on workshop

16th June 2021 *Registration for this event has ended.
12:00PM – 3:00PM AEST

This workshop provides a focused, hands-on experience using Splunk ITSI’s various workflows for troubleshooting IT problems. In this workshop you will learn about the basic AIOps features provided by ITSI and SAI: service monitoring, technical and business; multiple ways to visualize service health and correlate KPIs; various ML features; and integration points to Splunk Enterprise and other Splunk products.

The Splunk ITSI for Ninjas workshop largely builds upon KPIs and services that are already defined. This allows you to experience the ease-of-use of ITSI, without having to learn SPL from scratch.

Prerequisites: Ideally you have entry-level to intermediate Splunk / ITSI knowledge.


Splunk Search Party,
hands-on workshop

30th June 2021
12:00PM – 3:00PM AEST

The Splunk Search Party Workshop is a hands-on workshop to allow you to become familiar with the most popular Splunk search commands, build dashboards, and create an alert. This is a great introduction to Splunk if you are considering it for your organisation.

Prerequisites: Although this hands-on workshop doesn't require any Splunk experience, it's recommended that you complete our free Fundamentals I online training.
