-
The Enhancing Cisco Security Solutions with Data Analytics (ECSS) course provides intermediate-level knowledge of Splunk, including its fundamentals, key components and architecture, so you can effectively detect, investigate and respond to security threats. You will learn how to use various Splunk components, including Cisco XDR, Splunk SIEM and Splunk SOAR. You will also learn how to use and troubleshoot the Cisco Security Cloud App, Cisco Legacy Apps, and Technology Add-Ons (TAs) to integrate Cisco security solutions with Splunk to improve user, cloud, and breach protection.
-
Course Contents
-
- Explain the fundamentals of Splunk Enterprise/Cloud
- Explain the use of XDR, SIEM, SOAR as part of modern SOC architecture to improve the SOC's ability to effectively detect, investigate, and respond to security threats
- Implement the integration of Cisco security solutions with Splunk using the Cisco Security Cloud App
- Implement the integration of Cisco security solutions with Splunk using Cisco legacy apps and TAs
- Demonstrate the value of integrating Cisco security solutions with Splunk using real-world use cases
- Troubleshoot issues with the Cisco Security Cloud App and Cisco apps and TAs
You will receive the original course documentation from Cisco in English as a Cisco E-Book.
-
Target Group
-
- System Engineers
- SOC Engineers
- Network Architects
-
Knowledge Prerequisites
-
There are no prerequisites for this training course. However, it is recommended that you have the following knowledge and skills before attending this training:
Cisco CCNP Security or equivalent knowledge. These skills can be found in the following Cisco learning offerings:
SCOR - Implementing and Operating Cisco Security Core Technologies
-
Course Objective
-
- Centralize data from all Cisco security products in Splunk
- Real-time monitoring for fast threat detection
- Optimize workflows with fewer dashboard changes and automatic correlation
- Use customizable dashboards to make better decisions
- Integrate Cisco security solutions with Splunk for effective protection
| Course Outline |
| Overview of Splunk Enterprise and Splunk Cloud |
| Splunk Enterprise and Splunk Cloud Components |
| Splunk Enterprise Data Ingestion |
| Splunk Search Programming Language |
| Splunk Dashboards and Reports |
| XDR, SIEM, and SOAR Platforms |
| Cisco XDR, Splunk SIEM, and Splunk SOAR |
| Cisco Security Cloud App |
| Cisco Secure Firewall Integration |
| Cisco XDR Integration |
| Cisco Secure Malware Analytics, Duo, Secure Network Analytics, Email Threat Defense, and Multicloud Defense Integrations |
| Cisco Security Legacy Apps and Technology Add-Ons |
| Cisco ISE Integration |
| Cisco NVM Integration |
| Cisco Security Solutions and Splunk Use Case |
| Cisco XDR and Splunk Use Case |
| Troubleshoot General Splunk Issues |
| Troubleshoot Cisco Security Cloud App |
| Troubleshoot Cisco Legacy Apps and Add-ons |
| Lab Outline |
| Explore Splunk Indexes |
| Explore Splunk Web and CLI |
| Verify and Test Data Ingestion |
| Malware Events Analysis Using Splunk Enterprise Simulation |
| Perform Search Queries |
| Create Dashboards and Reports |
| Explore Splunk SOAR |
| Explore Cisco XDR Incident Investigation |
| Cisco Secure Firewall Integration with Splunk |
| Cisco XDR to Splunk Enterprise Integration Simulation |
| Cisco Duo Integration Simulation |
| Cisco SMA Integration Simulation |
| Cisco SNA Integration Simulation |
| Explore the Cisco ISE Integration with Splunk Using the Legacy ISE App and TA |
| Explore the Cisco NVM Integration with Splunk Using the Legacy CESA App and TA |
| Investigate Ransomware Using Splunk Enterprise with the Various Cisco Security Apps |
| Troubleshoot Cisco Security Cloud App with Cisco Secure Firewall Integration |
| Troubleshooting Cisco ISE Integration with Splunk |
| Troubleshooting Cisco NVM Integration with Splunk |
-
Classroom training
- Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
-
Online training
- Would you like to attend a course online? We offer online course dates for this course topic. To attend these seminars, you need a PC with Internet access (minimum data rate 1 Mbps), a headset when working via VoIP and, optionally, a camera. For further information and technical recommendations, please refer to.
-
Tailor-made courses
-
Do you need a special course for your team? In addition to our standard offering, we will help you create customized courses that precisely meet your individual requirements. We will be glad to advise you and prepare an individual offer for you.
