2 great Splunk crash courses on YT
I was reading a job description for Splunk Operations Analyst and thought, hey--we have access to Splunk here and should take advantage of it!
Key Responsibilities:
Develop and execute advanced and complex Splunk searches to retrieve, analyze, and visualize data.
Optimize existing Splunk queries for performance and efficiency.
Interpret and analyze data from various log sources to identify patterns, anomalies, and trends.
Provide insights and actionable recommendations based on search results and data analysis.
Design, create, and maintain basic dashboards to provide a clear visual representation of data.
Configure, manage and optimize Splunk alerts to notify relevant stakeholders about critical events or anomalies, reduce false positives, and ensure timely issue detection.
Generate regular and ad-hoc reports using Splunk’s reporting capabilities and basic visualizations, ensuring accuracy, relevance, and alignment with business objectives.
Customize Splunk visualizations (e.g., charts, graphs, tables) to represent data clearly and effectively.
So if you can't do all these things yet, now's the time to learn!
While not directly relevant to Sec+, Splunk and SIEM are of course super relevant to actually being an SOC Analyst.
Splunk Fundamentals for Users and Power Users by Splunk How-To
Splunk SIEM Crash Course | Free Splunk Training for Security Analyst by Rajneesh Gupta
Happy hunting!
Great idea! =)