Splunk Full-Stack Technical Hands-On Training

I. Course Objectives

This one-and-a-half-day Splunk training course aims to give participants a comprehensive understanding of the Splunk product family, proficiency in basic Splunk search operations, and the ability to use SPL for security event analysis and dashboard creation. It raises participants' skill level in data processing and security analysis and lays a solid foundation for using Splunk effectively in related work.

II. Target Audience

People who are interested in Splunk or need to apply Splunk in areas such as data processing and security analysis, including but not limited to IT operations staff, security analysts, and data engineers.

III. Course Schedule

Day 1

Morning: Splunk Product Introduction

• Course opening and overview
  o Instructor self-introduction and course introduction
  o Splunk's important position in today's data processing and analysis field and its wide range of application scenarios
• Splunk Core
  o Overview of Splunk Core's core functions and architecture
  o Data indexing principles and workflow
  o Data storage mechanism and its advantages
• Introduction to ES (Enterprise Security)
  o The key role of ES in enterprise security protection
  o Demonstration and explanation of the main security function modules
  o Analysis of the advantages of integration with other security tools
• Overview of ITSI (IT Service Intelligence)
  o How ITSI helps with IT service monitoring and optimization
  o Key performance indicator (KPI) definition and monitoring case studies
  o Introduction to intelligent alerting and failure prediction
• Introduction to SOAR (Security Orchestration, Automation and Response)
  o Introduction to how SOAR functions are implemented
  o The value of integrating with existing security workflows

Afternoon: Splunk Enterprise, ES, ITSI, and SOAR Demonstrations

• Data ingestion methods
  o Introduction to and hands-on practice with methods for ingesting multiple data sources (such as log files, network data, and databases) into Splunk
  o Introduction to data ingestion configuration
• Basic data analysis
  o Demonstration of data selection, filtering, and aggregation using SPL (Search Processing Language)
  o Use cases of common data analysis functions and commands
• Report creation
  o Steps for creating a simple report in Splunk
• ES demo
  o Enabling the rule library
  o Security event tracing, etc.
• ITSI demo
  o Service creation and service dependency display
  o ITSI predictive analytics and correlation analysis
• SOAR demo
  o Third-party tool integration
  o Playbook demonstration

Day 2

Morning: Case and Scenario Sharing, Q&A

• Security cases and scenarios
• Observability cases and scenarios
• Roundtable Q&A