Splunk Development Day 4: - Vikram Yadav (VY)

Uploaded by

Loga K

0% found this document useful (0 votes)

24 views18 pages

Original Title

Day4

Copyright

Available Formats

PPTX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

24 views18 pages

Splunk Development Day 4: - Vikram Yadav (VY)

Uploaded by

Loga K

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 18

Search inside document

Splunk

Development
Day 4
- Vikram Yadav (VY)

Your attendance & progress of the course will be calculated based

on the completion of the assignments and quiz.
Agenda – Day 4
• Splunk UI demo
• Understanding UI components
• Search Fundamentals
• Time range Picker
• Identify the contents of search results
• Control a search job
• Lab
Splunk UI Home Page
UI Navigation
UI Components
Data Summary
Search Fundamentals
Anatomy of Search - Events
• Splunk parses data into individual event
• Each event has a:
• Timestamp
• Host
• Source
• Sourcetype
• Fields are also listed in field side bar
Splunk UI & Searching
Run Basic Searches
• index=_internal
• index=_internal sourcetype=splunkd
• index=_internal sourcetype=splunkd source=*usage*
• index=_internal sourcetype=splunkd AND source=*usage*
• index=_internal sourcetype=splunkd OR source=*usage*
• index=_internal sourcetype!=splunkd source=*usage*
• index=_internal sourcetype!=splunkd source!=*access*
• index=_internal sourcetype!=splunkd OR source!=*access*
Time Range Picker
Time Range Picker
Set the time range of a search –
Custom
• Relative
• Date Range
• Date & Time Range
• Advanced
Splunk UI & Searching
• Identify the contents of search results/ Work with events
• Refine Searches
• Use the Timeline
Use the Timeline - Controls
Control a search job

• Every Search is a Job

• Job bar displays a progress of search Job
• Pause
• Stop
Control a search job
Save Search
Results (Export)
LAB
• Run Basic Searches, different permutation & combinations
• Use Splunk timeline to filter events
• Stop/Pause/resume searches
• Use Fields sidebar to move fields from Interesting fields to Selected
fields
• Use Splunk’s Time Range picker to fire real-time searches
Question & Answer.....

Splunk Development Day 1: - Vikram Yadav (VY)
Document34 pages
Splunk Development Day 1: - Vikram Yadav (VY)
Loga K
No ratings yet
Splunk Development Day 5: - Vikram Yadav (VY)
Document29 pages
Splunk Development Day 5: - Vikram Yadav (VY)
Loga K
No ratings yet
Microsoft Vulnerabilities REPORT 2020: Discover The Dangers of Unmanaged Admin Rights & Strategies To Control Them
Document18 pages
Microsoft Vulnerabilities REPORT 2020: Discover The Dangers of Unmanaged Admin Rights & Strategies To Control Them
Aldo_321
No ratings yet
Security Automation and Orchestration 2147 1538790978044001r9ox
Document21 pages
Security Automation and Orchestration 2147 1538790978044001r9ox
Dodo winy
No ratings yet
KL 302.11 Labs Module1 Managing Multiple Servers v1.6 en PDF
Document40 pages
KL 302.11 Labs Module1 Managing Multiple Servers v1.6 en PDF
jheimss Goudner
100% (1)
Enterprise Security Script: Splunk Security Solutions Marketing October 2019
Document26 pages
Enterprise Security Script: Splunk Security Solutions Marketing October 2019
Rainy
No ratings yet
Lsl0232x - Using Ibm Qradar Siem
Document53 pages
Lsl0232x - Using Ibm Qradar Siem
Pradeep Singh
No ratings yet
Ps Admin 6 10
Document118 pages
Ps Admin 6 10
Nguyen Anh
No ratings yet
En WBNR Ebook Srdem58911slides
Document164 pages
En WBNR Ebook Srdem58911slides
radhia saidane
No ratings yet
SOC Metrics Webinar For FIRST Metrics SIG V08a
Document47 pages
SOC Metrics Webinar For FIRST Metrics SIG V08a
James Lee
No ratings yet
Splunk Indexer Clustering Masterclass 101
Document6 pages
Splunk Indexer Clustering Masterclass 101
Umaphani Mortha
100% (1)
JAEYOUN, Won. Why Is Marx Classical
Document23 pages
JAEYOUN, Won. Why Is Marx Classical
Usu4riodoScribd
No ratings yet
Lecture 10 - Cloud Future (16 Files Merged)
Document373 pages
Lecture 10 - Cloud Future (16 Files Merged)
Charan Preet
No ratings yet
Endpoint & Network Threat Hunting
Document78 pages
Endpoint & Network Threat Hunting
Stanislaus Aditya
No ratings yet
BRKSPM 2071
Document37 pages
BRKSPM 2071
Estevao Jose
No ratings yet
VoLTE Implementation Guidelines v1.0
Document114 pages
VoLTE Implementation Guidelines v1.0
Rishi Nandwana
No ratings yet
Setting NAT On Linux
Document4 pages
Setting NAT On Linux
Agus Ady
No ratings yet
Lessons From The Lab: An Expert Guide To Trickbot, Darkside & Other Malware of 2021
Document22 pages
Lessons From The Lab: An Expert Guide To Trickbot, Darkside & Other Malware of 2021
Yose Martin
No ratings yet
Cloud Security Delivery Models: Security Risks & Recommendations
Document41 pages
Cloud Security Delivery Models: Security Risks & Recommendations
Ndema Mapunda
No ratings yet
Jpcert
Document19 pages
Jpcert
CHu CHe
No ratings yet
IoT Final PPT
Document218 pages
IoT Final PPT
RAHUL DHANOLA
No ratings yet
CA Privileged Access Manager: Administration Foundations 200
Document272 pages
CA Privileged Access Manager: Administration Foundations 200
Spanderson
No ratings yet
It Vizion Introduction: Daniel Daia, Business Development Executive, 4.08.2022
Document63 pages
It Vizion Introduction: Daniel Daia, Business Development Executive, 4.08.2022
NascaSebastian
No ratings yet
1foundations of CERT Cybersecurity Threat Landscape
Document29 pages
1foundations of CERT Cybersecurity Threat Landscape
Jaico Dictaan
No ratings yet
Dev 1114
Document47 pages
Dev 1114
Dodo winy
No ratings yet
BSides SATX2021
Document18 pages
BSides SATX2021
wdcoii
No ratings yet
AWS Splunk Infrastructure Monitoring 101 The Power To Predict and Prevent
Document23 pages
AWS Splunk Infrastructure Monitoring 101 The Power To Predict and Prevent
Ameer Shahil
100% (1)
Big-Ip Afm: Philippe Bogaerts
Document25 pages
Big-Ip Afm: Philippe Bogaerts
Network Engineer
100% (1)
05 - Security
Document59 pages
05 - Security
ashoo
No ratings yet
18CSC205J Operating Systems Unit 5 - New
Document140 pages
18CSC205J Operating Systems Unit 5 - New
Daksh Chauhan
No ratings yet
Submitted By-Anurag Deyasi Information Technology SSEC, Bhilai
Document39 pages
Submitted By-Anurag Deyasi Information Technology SSEC, Bhilai
Anonymous kbmKQLe0J
No ratings yet
ISO 9001: 2008 Certified Company
Document50 pages
ISO 9001: 2008 Certified Company
Unni Krishnan
No ratings yet
AWSCertified MLSlides
Document450 pages
AWSCertified MLSlides
Noèlia Herrero
No ratings yet
Enterprise-Class Monitoring Solution For Everyone Enterprise-Class Monitoring Solution For Everyone
Document12 pages
Enterprise-Class Monitoring Solution For Everyone Enterprise-Class Monitoring Solution For Everyone
Richard Gil
No ratings yet
Topic 07 - COBIT As A Framework For IT Assurance
Document59 pages
Topic 07 - COBIT As A Framework For IT Assurance
M. Amir
No ratings yet
Module - 2
Document130 pages
Module - 2
Ronit Reddy
No ratings yet
Security Operations and Defensive Analysis: Syllabus
Document5 pages
Security Operations and Defensive Analysis: Syllabus
Cristiano Chagas
100% (1)
Useful FirewallD Rules To Configure and Manage Firewall in Linux
Document10 pages
Useful FirewallD Rules To Configure and Manage Firewall in Linux
danxl007
No ratings yet
Splunk As A SIEM Tech Brief
Document3 pages
Splunk As A SIEM Tech Brief
Ahmed Elmasry
100% (1)
Ceph File System
Document13 pages
Ceph File System
IjazKhan
100% (1)
Network Security & Penetration
Document2 pages
Network Security & Penetration
Tommy Yen
No ratings yet
Database II: Distributed Databases
Document15 pages
Database II: Distributed Databases
Muhammad Asghar Khan
No ratings yet
Scalability and High Volume Performance of Indexer Clustering at Splunk
Document44 pages
Scalability and High Volume Performance of Indexer Clustering at Splunk
Dodo winy
No ratings yet
Topic 05 - IT-Enabled Value
Document36 pages
Topic 05 - IT-Enabled Value
M. Amir
No ratings yet
Module-2 3
Document28 pages
Module-2 3
Harpreet Singh
No ratings yet
Wireshark Ethernet
Document7 pages
Wireshark Ethernet
Cherry
No ratings yet
Topic 1 - Enterprise Governance Introduced
Document38 pages
Topic 1 - Enterprise Governance Introduced
M. Amir
No ratings yet
Module 1
Document111 pages
Module 1
Ronit Reddy
No ratings yet
Certificate Authorities
Document11 pages
Certificate Authorities
LiloMejia
No ratings yet
SLIDE HANDOUT - Tenable - SC Specialist Course
Document115 pages
SLIDE HANDOUT - Tenable - SC Specialist Course
net flix
100% (1)
Brkccie 3203
Document93 pages
Brkccie 3203
alfagemeo
No ratings yet
Best Practices and Better Practices For Admins Latest Slides: Collaborate: #Bestpractices Sign Up at HTTP://SPLK - It/slack
Document105 pages
Best Practices and Better Practices For Admins Latest Slides: Collaborate: #Bestpractices Sign Up at HTTP://SPLK - It/slack
Dodo winy
No ratings yet
Akamai Cyber Security Balancing Act White Paper
Document7 pages
Akamai Cyber Security Balancing Act White Paper
Simranjyot Suri
No ratings yet
Opmanager Standard Userguide
Document717 pages
Opmanager Standard Userguide
mikrotik kemantan
No ratings yet
Hypertext Transfer Protocol (HTTP) : Gurjot Singh Revti Raman Singh Ug201113013 Ug201110026
Document19 pages
Hypertext Transfer Protocol (HTTP) : Gurjot Singh Revti Raman Singh Ug201113013 Ug201110026
KHALID ahmed
No ratings yet
Beyond Insight User Guide
Document213 pages
Beyond Insight User Guide
Nguyen Anh
No ratings yet
SecurityCenter 5.0 Installation
Document27 pages
SecurityCenter 5.0 Installation
josu_rc
No ratings yet
Field Extraction Index Time Vs Search Time
Document5 pages
Field Extraction Index Time Vs Search Time
Gopinath S
No ratings yet
Sphinx Search Beginner's Guide
From Everand
Sphinx Search Beginner's Guide
Abbas Ali
Rating: 4 out of 5 stars
4/5 (2)
Splunk Basics
Document13 pages
Splunk Basics
akshat jain
No ratings yet
Splunk Development Day 2: - Vikram Yadav (VY)
Document14 pages
Splunk Development Day 2: - Vikram Yadav (VY)
Loga K
No ratings yet
Splunk Development Day 3: - Vikram Yadav (VY)
Document10 pages
Splunk Development Day 3: - Vikram Yadav (VY)
Loga K
No ratings yet
Splunk Development Day 4: - Vikram Yadav (VY)
Document18 pages
Splunk Development Day 4: - Vikram Yadav (VY)
Loga K
No ratings yet
Splunk Development Day 3: - Vikram Yadav (VY)
Document10 pages
Splunk Development Day 3: - Vikram Yadav (VY)
Loga K
No ratings yet
Splunk Development Day 2: - Vikram Yadav (VY)
Document14 pages
Splunk Development Day 2: - Vikram Yadav (VY)
Loga K
No ratings yet