Somerford Video Series
Splunk for Security
Tutorial Clips Covering Key Topics
In this collection of bite-size tutorial videos, our certified Splunk expert, Oliver Knapp, takes a look at some of the key elements that make up the renowned data analytics provider, Splunk. Ideal for new Splunk users, or for experienced analysts who need a quick refresh, these informative videos will showcase Splunk basics like Universal Forwarding, Heavy Forwarding and Intermediate Forwarding. The first two videos in this series focus on data forwarding and highlight the benefits.
This video series on the Common Information Model (CIM) in Splunk delves into the importance of data normalisation across various domains, including security, cloud, and network data. The first episode introduces the concept of data models and how they standardise information from multiple sources, improving data consistency, search efficiency, and insight generation. Subsequent episodes explore the practical implementation of CIM, emphasising the importance of proper data mapping to enhance search performance and security outcomes. The series highlights the need for careful planning and regular maintenance to ensure CIM compliance.
The Splunk for Security: Expansion series provides a comprehensive guide to enhancing security monitoring using the Splunk Stream app. The first episode introduces the architecture and deployment of Splunk Stream, highlighting its real-time visibility into application performance across various environments, including cloud-based deployments. Subsequent episodes explore data flow processes, demonstrating how forwarders capture, index, and make data searchable within Splunk, as well as showcasing the app’s dashboard capabilities for monitoring network traffic.
The series also delves into practical applications, such as configuring streams for HTTP, DNS, and SSL traffic, and culminates in a detailed walkthrough of setting up Windows DNS monitoring.
Across nine episodes, this series explores key features and practical applications, from advanced search assistance for anomaly detection to frameworks like the Splunk Security Data Journey. We introduce essential tools, including dashboards, data onboarding guides, and content mapping features, enabling organisations to streamline processes and enhance security visibility.
Highlights from this series include insights into managing data latency and compliance, configuring tailored use cases using the MITRE ATT&CK framework, and leveraging reporting dashboards for strategic decision-making.
Want to Speak to an Expert?
At Somerford, we are proud of our status as an Elite Splunk Partner with specialist certified consultants in Enterprise Security.
If you'd like to speak with one of our consultants, or connect with one of our other experts, please get in touch with us today.