Splunk SIEM Basics For Beginners | TryHackMe Splunk: Basics

In this video walk-through, we covered the fundamentals of Splunk for beginners. We explored data collection through different methods, including but not limited to manual upload.

Splunk Training Playlist: https://www.youtube.com/watch?v=4Jau-Wj-mkE&list=PLqM63j87R5p42cBwRwI24FQeF7oEBFmka
Receive Cyber Security Field, Certifications Notes and Special Training Videos: https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ/join
Writeup: https://motasem-notes.net/splunk-siem-basics-for-beginners-tryhackme-splunk-basics/
Google Profile: https://maps.app.goo.gl/eLotQQb7Dm6aiL8z6
LinkedIn [1]: https://www.linkedin.com/in/motasem-hamdan-7673289b/
LinkedIn [2]: https://www.linkedin.com/in/motasem-eldad-ha-bb42481b2/
Instagram: https://www.instagram.com/motasem.hamdan.official/
Twitter: https://twitter.com/ManMotasem
Facebook: https://www.facebook.com/motasemhamdantty/

0:00 - Introduction to Splunk and SIEM Concepts
2:10 - Splunk Components Overview
4:50 - How Forwarder and Indexer Work in Splunk
6:45 - Role of Search Head in Splunk
8:30 - Deploying and Navigating the Splunk Interface
9:50 - Adding Data to Splunk
11:30 - Uploading Logs and Creating an Index
12:55 - Searching and Analyzing Logs
14:40 - Using Fields and Filters to Narrow Searches
16:00 - Task 1: Number of Log Events by User "Melina"
17:10 - Task 2: Finding the Name Associated with an IP Address
19:00 - Task 3: Excluding Events from a Specific Country
20:50 - Task 4: Finding VPN Events for a Specific IP Address
22:40 - Wrapping Up: Learning the Basics of Splunk Searches