Administering Splunk SOAR
Upcoming Classes
Online
Instructor-led online training
Location | Feb 2023 | Mar 2023 | Apr 2023 | May 2023 | Jun 2023 | Jul 2023 | Aug 2023 |
---|---|---|---|---|---|---|---|
APAC Singapore - Virtual |
Feb 17 |
Mar 20 |
Apr 21 |
May 5 | |||
AMER Eastern Time - Virtual |
Feb 17 |
Mar 3 Mar 10 |
Apr 4 Apr 21 |
May 5 | |||
AMER Pacific Time - Virtual |
Feb 22 |
Mar 13 Mar 28 |
Apr 28 | ||||
EMEA UK Time - Virtual |
Mar 9 |
Apr 6 |

Description
- SOAR concepts
- Initial configuration
- Apps and assets
- Configuring automation
- User management
- Ingesting Data
- Customization and monitoring
Objectives
Topic 1 –Initial Configuration
- Describe SOAR operating concepts
- Identify documentation and community resources
- SOAR & Splunk Architecture
- Product settings
- Access control
- Authentication settings
- Response settings
- Understanding roles
- Creating users
- Managing user access
Topic 2 – Apps, Assets and Playbooks
- Add and configure apps and assets
- Manage playbooks
- Ingesting Data
- Labels and tags
- Event settings
Topic 3 – Customization and Monitoring
- Create custom severity levels
- Create custom status levels
- Add custom fields and CEF settings
- Create custom workbooks
- Run reports
- Use SOAR audit tools
- Monitor system health