Splunk Enterprise Security Free Training | Incident Review

Splunk Enterprise Security Free Training | Incident Review - Ticket Triage

Рет қаралды 4,056

Lame Creations

Күн бұрын

Пікірлер: 11

@zufizuf200 13 күн бұрын

Great information and detail!

@lamecreations_guides 13 күн бұрын

Glad you liked it

@aminvogue 11 ай бұрын

Brilliant, thanks a ton for such elaborate. hats Off

@lamecreations_guides 11 ай бұрын

Glad it was helpful.

@secopslearning 3 ай бұрын

Best expiations of Splunk ES , my account not allowed to download Splunk ES, what work around could be ?

@lamecreations_guides 3 ай бұрын

1) Talk to a sales engineer, to see if they can get you a trial. 2) use a similar free product to ES. Alert manager is an app that, I think, still has a free version that gives you ticketing 3) build those capabilities into your own splunk instance. I'm trying to be helpful without saying, unless you pay for ES, I can't really help you out. So here are some free alternatives.

@FindAllHere 8 ай бұрын

How do I get the “Original Event” to show on my correlation searches to show? In my case some of my correlation searches have it and some do not and I do not understand why

@lamecreations_guides 8 ай бұрын

Join my discord and it will be probably easier to resolve. I'm not sure what issue you're running into. Are you saying you can't see the correlation search that created the alert on some of your notables and can see it on others? Are you just wanting to see the _raw logs that made up the notable Or a 3rd situation

@A1servinem777 2 ай бұрын

I see Cribl in a tab. Any plans to roll out cribl training? Thank you!!!

@lamecreations_guides 2 ай бұрын

I'm planning a multi hour training on cribl but that won't land tell fall of 2024. But i do have a playlist of cribl training you are welcome to. kzbin.info/aero/PLFF93FRoUwXGm6725isqJofQT2h1boC2y&si=VljxmAS-m2sufCUP

@kennethwalters-vx8vt Ай бұрын

@@lamecreations_guides im waiting for that as well lol lets goooooo