Security

Phantom,
hands-on workshop
*Registration closed.

11th August 2021
12:00PM – 3:00PM AEST

The Phantom hands-on workshop is designed to familiarise participants with how to respond to incidents, manage cases and artefacts, and automate their incident response and standard operating procedures. This workshop gives users an opportunity to walk through a real-world scenario and see first-hand how Phantom can be used from the creation of a notable event, to enriching alerts by automatically gathering data, all the way to managing and resolving the incident.

Prerequisites: None


Enterprise Security,
hands-on workshop

1st September 2021
12:00PM – 3:00PM AEST

Enterprise Security is a modular, hands-on workshop designed to familiarise participants with how to investigate incidents using Splunk Enterprise and Splunk Enterprise Security. This workshop gives users an opportunity to walk through multiple scenarios and see first-hand how Enterprise Security can be used from the creation of a notable event, through investigation, all the way to the raw event that identifies the adversary’s action. The workshop leverages the popular Boss of the SOC (BOTS) dataset and is laid out in an interactive format. Users will leave with a better understanding of how Splunk and Enterprise Security can be used to generate notable events and investigate them as they occur in the enterprise.

Prerequisites: None


Building Correlation Searches with Splunk,
hands-on workshop

13th October 2021
12:00PM – 3:00PM AEDT

This is a modular, hands-on workshop designed to show participants how to leverage Splunk to develop their own correlation searches. Users will gain familiarity with building correlation searches in Splunk and will be introduced to data models and the tstats command, which give users a way to further optimise their correlation searches. The workshop leverages the popular Boss of the SOC (BOTS) dataset with hands-on exercises that build on one another. Users will come away with a better understanding of how to build their own correlation searches in Splunk as well as how to customise their associated notable events to provide more immediate insights to their analysts.

Prerequisites: Splunk Fundamentals 1 (highly recommended).


Advanced Persistent Threat Hunting with Splunk,
hands-on workshop

10th November 2021
12:00PM – 3:00PM AEDT

APT hunting with Splunk is a modular, hands-on workshop designed to provide a deeper dive into an Advanced Persistent Threat while providing an opportunity for participants to develop hypotheses and hunt. This workshop leverages Splunk and Enterprise Security and introduces how models like the Lockheed Martin Kill Chain, MITRE ATT&CK and Diamond Model can be used to contextualise their hunts. The workshop leverages the popular Boss of the SOC (BOTS) dataset in a multi-hunt format. Users will leave with a better understanding of how Splunk can be used to hunt for threats within their enterprise.

Prerequisites: None


Phantom,
hands-on workshop

1st December 2021
12:00PM – 3:00PM AEDT

The Phantom hands-on workshop is designed to familiarise participants with how to respond to incidents, manage cases and artefacts, and automate their incident response and standard operating procedures. This workshop gives users an opportunity to walk through a real-world scenario and see first-hand how Phantom can be used from the creation of a notable event, to enriching alerts by automatically gathering data, all the way to managing and resolving the incident.

Prerequisites: None


GCP Security,
hands-on workshop

12th January 2022
12:00PM – 3:00PM AEDT

This is a scenario-based hands-on workshop designed for Splunk security customers already in or moving into Google Cloud Platform (GCP). The scenarios utilize different pieces of cloud-focused data and include an email investigation (using Gmail), a key compromise against a custom Google Cloud Function, and a Storage Bucket investigation.

Prerequisites: None


IT

Machine Learning,
hands-on workshop
*Registration closed.

18th August 2021
12:00PM – 3:00PM AEST

A 3-hour session where attendees will get an introduction to Splunk's Machine Learning Toolkit (MLTK). They will gain hands-on experience by solving Machine Learning Challenges, with results collected on dashboards in their own AWS-hosted Splunk instance. During this interactive, hands-on workshop we will also cover Exploratory Data Analysis, how to detect outliers and more!

Who should attend?
Existing Splunk users who want an intro and a first hands-on experience with MLTK
Analytics / BA/BI / Data Science teams who want to learn more about Splunk and MLTK
IT Ops / Security / IoT Splunk users who want to learn more about Splunk and MLTK

Prerequisites: Splunk Power User certification as a minimum (more is always better)


Data Onboarding,
hands-on workshop

22nd September 2021
12:00PM – 3:00PM AEST

A hands-on workshop that focuses on Splunk as a platform and the ability to onboard data into Splunk. This workshop explores the various ways to gather inputs, best practices and the various methods to bring data into Splunk, including collecting data, indexing best practices, field extraction and CIM compliance.

Who should attend? Splunk administrators responsible for onboarding data, creating knowledge objects and eventually building TA. Ideally, you should be familiar with Splunk and its main principles. We will not explain Splunk basics during this workshop - we jump directly into how to do things and apply best practices.

Prerequisites: None


Splunk ITSI for Ninjas,
hands-on workshop

20th October 2021
12:00PM – 3:00PM AEDT

This workshop provides a focused, hands-on experience using Splunk ITSI’s various workflows for troubleshooting IT problems. In this workshop you will learn about the basic AIOps features provided by ITSI and SAI:
Service Monitoring, technical and business
Multiple ways to visualize service health and correlate KPIs
Various ML features
Integration points to Splunk Enterprise, other Splunk products

The Splunk ITSI for Ninjas workshop largely builds upon KPIs and services that are already defined. This allows you to experience the ease-of-use of ITSI, without having to learn SPL from scratch.

Prerequisites: Ideally you have entry-level to intermediate Splunk / ITSI knowledge.


Splunk Search Party,
hands-on workshop

24th November 2021
12:00PM – 3:00PM AEDT

The Splunk Search Party Workshop is a hands-on workshop to allow you to become familiar with the most popular Splunk search commands, build dashboards, and create an alert. This is a great introduction to Splunk if you are considering it for your organisation.

Prerequisites: Although this hands-on workshop doesn't require any Splunk experience, it's recommended that you complete our free Fundamentals I online training.


Machine Learning,
hands-on workshop

15th December 2021
12:00PM – 3:00PM AEDT

A 3-hour session where attendees will get an introduction to Splunk's Machine Learning Toolkit (MLTK). They will gain hands-on experience by solving Machine Learning Challenges, with results collected on dashboards in their own AWS-hosted Splunk instance. During this interactive, hands-on workshop we will also cover Exploratory Data Analysis, how to detect outliers and more!

Who should attend?
Existing Splunk users who want an intro and a first hands-on experience with MLTK
Analytics / BA/BI / Data Science teams who want to learn more about Splunk and MLTK
IT Ops / Security / IoT Splunk users who want to learn more about Splunk and MLTK

Prerequisites: Splunk Power User certification as a minimum (more is always better)


Data Onboarding,
hands-on workshop

19th January 2022
12:00PM – 3:00PM AEDT

A hands-on workshop that focuses on Splunk as a platform and the ability to onboard data into Splunk. This workshop explores the various ways to gather inputs, best practices and the various methods to bring data into Splunk, including collecting data, indexing best practices, field extraction and CIM compliance.

Who should attend? Splunk administrators responsible for onboarding data, creating knowledge objects and eventually building TA. Ideally, you should be familiar with Splunk and its main principles. We will not explain Splunk basics during this workshop - we jump directly into how to do things and apply best practices.

Prerequisites: None