-
Splunk Enterprise Security is a premium application used within the Splunk deployment to help with SOC operations. This course will teach you how to design and create add-ons to enable customization of the application and its uses.
Splunk Enterprise Security (ES) solves many problems within our SOCs, including efficient operations. In this course, Designing and Creating Add-ons in Splunk Enterprise Security, you’ll learn how to design the add-on based on use cases and the data, as well as build it. First, you’ll learn about the data sources and see how to configure them for ingestion into Splunk. Next, you’ll learn about the Splunk Add-on Builder and walk through the workflow of it. We’ll design and create an add-on in Splunk. Finally, you’ll learn how to validate the add-ons to ensure that they align with best practices and recommendations. When you’re finished with this course, you’ll have the skills and knowledge of Splunk Enterprise Security needed to build add-ons for new data sources to use within Splunk Enterprise Security.
Overview
