SPLUNK EVENTS
Review the workshops currently being offered below. Click to register to see a more detailed description of the workshop. Check back often as new offerings will continually be added!
Splunk4Rookies sessions are a great opportunity for you to discover the value of Splunk hands-on in a matter of hours. Attendees get an introduction to Splunk, along with hands-on experience creating a Splunk app and dashboard based on multiple use cases.
During a session, we will walk you through a series of exercises designed to get you to a point where you understand what Splunk is and how you can use it within your organisation. Attendees will create their own Splunk app, add some data, and then search and analyse that data to create an interactive dashboard.
Target Audience:
Sessions are designed for Splunk beginners. Whether your organisation is just starting to consider using Splunk or you have just joined a team of Splunk users and need to understand the basics, Splunk4Rookies is for you!
Splunk4Rookies sessions are a great opportunity for you to discover the value of Splunk hands-on in a matter of hours. Attendees get an introduction to Splunk Dashboard Studio, along with hands-on experience creating a Splunk dashboard based on multiple use cases.
Participants will learn the basics of creating a dashboard using Splunk Dashboard Studio, and how to populate the dashboard with visualisations and manipulate them to provide maximum value.
Target Audience:
Sessions are designed for Splunk beginners. Whether your organisation is just starting to consider using Splunk or you have just joined a team of Splunk users and need to understand the basics of dashboarding, Splunk4Rookies - Dashboard Studio is for you!
This workshop provides users a way to gain experience searching in Splunk to answer specific questions related to an investigation. Users will leave with a better understanding of how Splunk can be used to investigate in their enterprise.
Target Audience:
This workshop is ideal for individuals who are new to Splunk and are part of a Security Operations team responsible for security monitoring and incident response.
Security is focused on security, where attendees get an introduction to what Splunk is, how Splunk can be used specifically for security, and hands-on experience where they are given the task to create some Splunk dashboards in their own hosted Splunk instance based on Splunk Boss of the SOC (BOTS) data sources.
Target Audience:
Sessions are designed for Splunk beginners. Whether your organization is just starting to consider using Splunk or you have just joined a team of Splunk Ninjas and need to understand the basics, Splunk4Rookies - Security is for you!
Enterprise Security is a modular, hands-on workshop designed to familiarise participants with how to investigate incidents using Splunk Enterprise and Splunk Enterprise Security.
This workshop provides users an opportunity to walk through multiple scenarios and see first-hand how Enterprise Security can be used from the creation of a notable event to investigate all the way to the raw event that identifies the adversary’s action. The workshop leverages the popular Boss of the SOC (BOTS) dataset and is laid out in an interactive format. Users will leave with a better understanding of how Splunk and Enterprise Security can be used to generate notable events and investigate them as they occur in the enterprise.
Target Audience:
This workshop is ideal for individuals who are already familiar with Splunk and are on a Security Operations team responsible for security monitoring and incident response.
The SOAR Hands-On workshop (previously the Phantom Hands-On) is designed to familiarize participants with how to respond to incidents, manage cases and artifacts, as well as automate your incident response and standard operating procedures.
This workshop provides users an opportunity to walk through a real-world scenario and see first-hand how Splunk SOAR can be used from the creation of a notable event to enriching alerts by automatically gathering data, all the way to managing and resolving the incident.
Target Audience:
This workshop is ideal for individuals who are familiar with SOAR and anyone who wants hands-on experience with SOAR including SOC analysts, Incident Responders, and Threat Intelligence teams with an interest in automation.
Detecting Insider Threats with Splunk is a modular, hands-on workshop designed to provide a deeper dive into Insider Threats exposing participants to data sources and techniques that can be used to detect insider threat behavior. This workshop leverages Splunk Enterprise and introduces participants to indicators of Insider Threat and methods to detect them. The workshop leverages the popular Boss of the SOC (BOTS) dataset with stand alone exercises. Users will leave with a better understanding of how Splunk can be used to hunt for insider threats within their enterprise.
Target Audience:
The workshop is designed for Tier 1,2,3 SOC analysts, Incident Responders (CIRT/CSIRT/CERT) and threat Intelligence teams with an interest in automation. Anyone who wants hands-on experience with SOAR including more senior roles such as Head of SOC, SOC Managers, Head of Incident Response
The Risk-Based Alerting (RBA) hands-on workshop is designed to guide Detection Engineers or other content creators with the RBA process used in Splunk Enterprise Security. Our journey will begin with a review of ES fundamentals as a foundation for RBA then proceeds through Risk Factors, Risk Rule creation, and Risk Notable creation. The workshop leverages the popular Boss of the SOC (BOTS) dataset with hands-on exercises that build on one another and expose the participants to detecting a complex APT attack. The participants will depart with a clear path for getting started with RBA in their environment.
Target Audience:
The workshop is designed for personas on a Security Operations team that are responsible for content creation, usually the Detection Engineering team.
Prerequisite - The Enterprise Security with Risk-Based Alerting Overview and Demo are a required prerequisite for this workshop.
The IT Foundations workshop is a great opportunity for you to discover the value of Splunk hands-on in a matter of hours. The aim of the workshop is for attendees to develop an understanding of a foundational IT and observability strategy and how Splunk for IT Foundations can help. Participants will be introduced to Splunk IT Foundations solutions, including Splunk Search and Reporting, Splunk IT Essentials Learn, Splunk IT Essentials Work, & Splunk Infrastructure Monitoring. Expect to discover the ability to investigate an incident and find root cause through search, flexible analysis and monitoring metrics and logs in context.
The workshop will provide a series of exercises that allow users to navigate through typical real-world incidents and tasks, correlating events and understanding how this can lower your downtime and prevent future outages by driving to the root cause.
Target Audience:
The workshop is designed for Application and IT Operations teams including System Administrators, IT Analysts, Tier 1, 2, 3+ Support Engineers, SREs, etc. who have limited exposure to Splunk and are looking to understand how the Splunk Platform can help them more effectively investigate incidents, make data-driven decisions, and monitor their systems and applications.
Get insights into your applications and infrastructure in real-time with the help of the monitoring, analytics and response tools of the Splunk Observability Cloud. These workshops are going to take you through the best-in-class observability platform for ingesting, monitoring, visualising and analysing metrics, traces and logs.
Target Audience:
Those wanting to gain an understanding of Splunk Observability in a hands-on environment. This workshop is designed for people with little or no experience with Splunk Observability.
Pellentesque non magna eget ex lobortis finibus. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Etiam nec arcu non eros hendrerit viverra a vitae libero. Etiam et ultricies nulla. Donec euismod lectus magna, eu dignissim mauris hendrerit vulputate.
Director Risk Management and Data Protection,
Data Protection Officer (DPO)
Splunk Inc.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Etiam nec arcu non eros hendrerit viverra a vitae libero. Etiam et ultricies nulla. Donec euismod lectus magna, eu dignissim mauris hendrerit vulputate.
Director Risk Management and Data Protection,
Data Protection Officer (DPO)
Splunk Inc.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Etiam nec arcu non eros hendrerit viverra a vitae libero. Etiam et ultricies nulla. Donec euismod lectus magna, eu dignissim mauris hendrerit vulputate.
Director Risk Management and Data Protection,
Data Protection Officer (DPO)
Splunk Inc.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Etiam nec arcu non eros hendrerit viverra a vitae libero. Etiam et ultricies nulla. Donec euismod lectus magna, eu dignissim mauris hendrerit vulputate.
Director Risk Management and Data Protection,
Data Protection Officer (DPO)
Splunk Inc.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Etiam nec arcu non eros hendrerit viverra a vitae libero. Etiam et ultricies nulla. Donec euismod lectus magna, eu dignissim mauris hendrerit vulputate.
Director Risk Management and Data Protection,
Data Protection Officer (DPO)
Splunk Inc.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Etiam nec arcu non eros hendrerit viverra a vitae libero. Etiam et ultricies nulla. Donec euismod lectus magna, eu dignissim mauris hendrerit vulputate.
