Administering Splunk SOAR

Administering Splunk SOAR

Upcoming Classes

Online

Instructor-led online training

Location May 2022 Jun 2022 Jul 2022 Aug 2022 Sep 2022 Oct 2022 Nov 2022
APAC Singapore - Virtual Jun 7
Jul 5
AMER Eastern Time - Virtual Jun 7
Jun 28
AMER Pacific Time - Virtual Jun 21

Summary

This 3 hour course prepares IT professionals to configure and manage SOAR.

Description

  • SOAR concepts
  • Initial configuration
  • Apps and assets
  • Configuring automation
  • User management
  • Ingesting Data
  • Customization and monitoring

Duration

3 hours

Objectives

Topic 1 –Initial Configuration
  • Describe SOAR operating concepts
  • Identify documentation and community resources
  • SOAR & Splunk Architecture
  • Product settings
  • Access control
  • Authentication settings
  • Response settings
  • Understanding roles
  • Creating users
  • Managing user access

Topic 2 – Apps, Assets and Playbooks
  • Add and configure apps and assets
  • Manage playbooks
  • Ingesting Data
  • Labels and tags
  • Event settings

Topic 3 – Customization and Monitoring
  • Create custom severity levels
  • Create custom status levels
  • Add custom fields and CEF settings
  • Create custom workbooks
  • Run reports
  • Use SOAR audit tools
  • Monitor system health

Prerequisites

Classes:

  • Investigating Incidents with Splunk SOAR

 

Onsite Training

For groups of three or more

Request Quote

Public Training

APAC Singapore - Virtual

  • Confirmed
    9:00 AM - 12:00 PM SGT
    $ 500.00 USD
  • Confirmed
    9:00 AM - 12:00 PM SGT
    $ 500.00 USD

AMER Eastern Time - Virtual

  • Confirmed
    9:00 AM - 12:00 PM EDT
    $ 500.00 USD
  • Confirmed
    9:00 AM - 12:00 PM EDT
    $ 500.00 USD

AMER Pacific Time - Virtual

  • Confirmed
    9:00 AM - 12:00 PM PDT
    $ 500.00 USD

Don't see a date that works for you?

Request Class