Video Series
Splunk for Security Video Series
Splunk for Security Tutorials
Series Summary
Welcome to our Splunk for Security video series, where we explore how to leverage Splunk’s powerful data analytics capabilities to enhance your organisation’s cybersecurity posture. Whether you’re new to Splunk or looking to deepen your expertise, these videos will guide you through practical techniques for threat detection, incident response, and security monitoring.
Normalisation Summary
This video series on the Common Information Model (CIM) in Splunk delves into the importance of data normalisation across various domains, including security, cloud, and network data. The first episode introduces the concept of data models and how they standardise information from multiple sources, improving data consistency, search efficiency, and insight generation. Subsequent episodes explore the practical implementation of CIM, emphasising the importance of proper data mapping to enhance search performance and security outcomes. The series highlights the need for careful planning and regular maintenance to ensure CIM compliance and optimal system performance.
Expansion Summary
The Splunk for Security: Expansion series provides a comprehensive guide to enhancing security monitoring using the Splunk Stream app. The first episode introduces the architecture and deployment of Splunk Stream, highlighting its real-time visibility into application performance across various environments, including cloud-based deployments. Subsequent episodes explore data flow processes, demonstrating how forwarders capture, index, and make data searchable within Splunk, as well as showcasing the app’s dashboard capabilities for monitoring network traffic.
The series also delves into practical applications, such as configuring streams for HTTP, DNS, and SSL traffic, and culminates in a detailed walkthrough of setting up Windows DNS monitoring. Throughout, the series emphasises the app’s flexibility in managing network data, with detailed instructions on configuring, filtering, and aggregating data streams. Viewers are encouraged to reach out for further assistance, ensuring a thorough understanding and successful deployment of Splunk Stream for security enhancement.
The series also delves into practical applications, such as configuring streams for HTTP, DNS, and SSL traffic, and culminates in a detailed walkthrough of setting up Windows DNS monitoring. Throughout, the series emphasises the app’s flexibility in managing network data, with detailed instructions on configuring, filtering, and aggregating data streams. Viewers are encouraged to reach out for further assistance, ensuring a thorough understanding and successful deployment of Splunk Stream for security enhancement.
Want to Speak to an Expert?
At Somerford, we are proud to be an Elite Splunk partner with specialist certified consultants in Enterprise Security. If you'd like to speak with one of our video presenters, Jake or Oliver, or connect with one of our other experts, please get in touch with us today.