Security Investigations with Splunk
Description: Investigating with Splunk is a modular, hands-on workshop designed to familiarize participants with how to investigate incidents using Splunk and open source. This workshop provides users a way to gain experience searching in Splunk to answer specific questions related to an investigation. These questions are similar to what would be asked in their own organizations. Users will leave with a better understanding of how logs can be used to investigate incidents in their enterprise.
Pre-reqs and requirements: Attendees will need a laptop or tablet running Chrome or Safari.
Attendees should have a basic working knowledge of Splunk OR they can take the following free online class to prepare for this workshop: https://www.splunk.com/en_us/training/free-courses/splunk-fundamentals-1.html
Date/Time: 1-3pm on Thursday Sept 16th
Instructor: Rob Wagner