About this Event
Within our community, many of you have hands-on experience with Splunk, or are working towards it, for threat hunting and SOC analyst positions.
But did you know that Splunk's Search Processing Language (SPL) is extensible via custom commands? These are Python scripts that even work on Splunk Cloud as well as Splunk Enterprise. Yes ... your sh*tty Python code can run on Splunk's servers!
Writing custom commands is pretty well documented. You can find a whole bunch of "hello world" articles, but what these typically don't go into is why you might write a custom command in the first place.
In this mostly demo-filled talk, I'll whet your appetite for writing custom commands to speed up your workflows and analysis. Along the way I'll cover some of the basics of Splunk searches and share some thoughts on less common but powerful SIEM use cases.
Event Venue
TEKsystems, 11400 Parkside Drive, Knoxville, United States
USD 0.00