Administering Splunk SOAR is designed for security engineers and platform administrators responsible for deploying and maintaining a Splunk SOAR (Security Orchestration, Automation and Response) environment. This course covers the full administrative lifecycle, from installation and initial configuration through ongoing platform management and troubleshooting.
What You Will Learn
- Install, configure, and upgrade Splunk SOAR in on-premises and cloud environments
- Manage users, roles, and access controls within the SOAR platform
- Connect SOAR to external data sources and security tools via asset configuration
- Monitor system health, manage logs, and troubleshoot common platform issues
- Back up and restore SOAR configurations and case data
Who Should Attend
Security engineers, SOC administrators, and IT operations professionals responsible for deploying or maintaining a Splunk SOAR environment.
Prerequisites
Familiarity with Linux system administration and basic networking concepts. Prior exposure to Splunk Enterprise or Splunk SOAR is helpful.
