Hi Guys,
I am new to Splunk. I work with other SIEMs, but I don't have experience with Splunk for managing searches, apps, IDS tuning, and SIEM management. Can anyone guide me on that?
Hope to get your reply soon.
Kind Regards,
Jay
Jay, one way is to be active on this forum. Follow the questions and try to answer after some time. Like this, you make the learning experience live and interactive. Lots of fun ;-)
Another path is the certifications one. The Power User is a good place to start as it covers the fundamentals of the product.
Thnx Ddrillic!!
For general Splunk check out the free ebook here:
http://www.Splunk.com/goto/book
For security, check out this new free app:
https://splunkbase.splunk.com/app/3358/
Thnx Adauria!!
You can check out the Search Tutorial
http://docs.splunk.com/Documentation/Splunk/6.5.0/SearchTutorial/WelcometotheSearchTutorial
and the Search Manual
http://docs.splunk.com/Documentation/Splunk/6.5.0/Search/GetstartedwithSearch
There are a ton of great docs out there for you to read, such as the Admin Manual and Knowledge Manager Manual. There are docs specific to Splunk Enterprise Security, if you're going to use that.
Also, I suggest downloading the Dashboard Examples app if you plan on creating dashboards, as it gives great guidelines to different features and visualizations.
https://splunkbase.splunk.com/app/1603/
Thanks Cmerriman!!
If you are brand-new to Splunk, I suggest you look at the previous Hungry newbie Answers posting. There is a lot to learn before you get to your security use cases.
Are you using Splunk Enterprise Security? If so, after you have basic familiarity with how Splunk Enterprise works, you could look at the Splunk Enterprise Security Use Cases to begin to see how that product operates.
Thanks Chris!!