  • danielpwilson

How do I learn Splunk administration?

Had an old coworker hit me up a week ago. He took a job as a SOC analyst where part of his job is going to be supporting Splunk. He's a smart guy, but Splunk is more complex than it looks. Given I've also been asked a few times how to certify on Splunk Admin, I thought I might as well break down and start a video series on Splunk Administration.


I produced two videos to help him on his journey and I hope they help you.

Install of Splunk Enterprise on CentOS7, VirtualBox and firewalld

https://www.youtube.com/watch?v=qhLoG-8IgDY&t=1s

Stand Alone Lab Housekeeping firewall and ports

https://www.youtube.com/watch?v=qPcZhGQIWSk


Let me know what you think.
