Prerequisites
To be successful, students must have a working understanding of these courses:
• Investigating Incidents with Splunk SOAR
What you’ll learn in this course
This course prepares IT professionals to
configure and manage SOAR.
Course Objectives
Course Outline
Topic 1 –Initial Configuration
• Describe SOAR operating concepts
• Identify documentation and community resources
• SOAR & Splunk Architecture
• Product settings
• Access control
• Authentication settings
• Response settings
• Understanding roles
• Creating users
• Managing user access
• Describe SOAR Automation Broker
Topic 2 – Apps, Assets and Playbooks
• Add and configure apps and assets
• Manage playbooks
• Ingesting Data
• Labels and tags
• Event settings
Topic 3 – Customization and Monitoring
• Create custom severity levels
• Create custom status levels
• Add custom fields and CEF settings
• Create custom workbooks
• Run reports
• Use SOAR audit tools
• Monitor system health
Further information
If you would like to know more about this course please contact us
