
CyberSecurity Engineer

CyberSecurity Blog

Category: Splunk – Fundamentals 1

Splunk Series: Search Language Syntax

April 6, 2020 | Andres Sarmiento | Splunk - Fundamentals 1

How the syntax is used in the Search editor. The syntax of a search is best explained using the following diagram. The components of the search: Search Terms –> What you are looking[…]


Splunk Series: Field searches

April 6, 2020 | Andres Sarmiento | Splunk - Fundamentals 1

Fields are searchable key/value pairs in your event data. Fields can be searched by their name, for example: area_code=404, action=purchase, status=200. When you look for multiple items in the editor an implied AND will be[…]


Splunk Series: Saving Search Jobs

April 6, 2020 | Andres Sarmiento | Splunk - Fundamentals 1

Every search is also a job, which can be paused, stopped, saved and exported. Here are some interesting things you need to know about search jobs: Jobs are available for 10 minutes (by default). Jobs[…]


Splunk Series: Basic Search

April 6, 2020 | Andres Sarmiento | Splunk - Fundamentals 1

Basic search. The search assistant provides a nice way to begin looking for something in particular. At this stage, you can determine a few different search criteria, such as a term in particular or[…]


Splunk Series: Feeding Data to Splunk

April 6, 2020 | May 5, 2020 | Andres Sarmiento | Splunk - Fundamentals 1

Splunk Index Time Process. Data ingestion for Splunk is broken down into 3 different phases: Input Phase – Data is handled at the source and is usually done by a forwarder. Parsing Phase – Handled[…]


Splunk Series: Splunk Deployments

April 6, 2020 | May 5, 2020 | Andres Sarmiento | Splunk - Fundamentals 1

Additional Splunk Components. There are additional components for a Splunk deployment; here is a list: Deployment Server, Cluster Master, License Master. Standalone Deployment: This deployment is on only 1 server, and all functions needed for[…]


Splunk Series: Components

April 6, 2020 | Andres Sarmiento | Splunk - Fundamentals 1

Splunk – Indexer. This is the engine in charge of processing machine data; it stores the results in indexes as events. This is what enables fast searches and analysis. As data is indexed,[…]


Splunk Series: Overview of Splunk

April 6, 2020 | May 5, 2020 | Andres Sarmiento | Splunk - Fundamentals 1

What is Splunk? Splunk is many things to different groups in an organization, but mostly it is an engine that lets you visualize data in a way that can be understood by the business, what[…]

