This 13.5 hour course prepares architects and systems administrators to install and configure Splunk Enterprise Security (ES). It covers ES event processing and normalization, deployment requirements, technology add-ons, dashboard dependencies, data models, managing risk, and customizing threat intelligence.
To be successful, students should have a solid understanding of the following:
if on-prem:
if on cloud:
and the following single-subject courses:
The above single-subject courses may be replaced with prior completion of the following legacy courses: