Available Courses

SplunkⓇ Core Certified User

Learn the Basics and Earn Your Certification with Confidence!

A complete course built to help you learn SplunkⓇ from the ground up and pass the SplunkⓇ Core Certified User Exam.

If you're looking to build a solid foundation in SplunkⓇ — whether for cybersecurity, IT operations, or data analysis — this course is your starting point. Designed specifically for those pursuing their SplunkⓇ Core Certified User certification, this course walks you step-by-step through the essential features, tools, and workflows that real professionals use every day.

With clear instruction, structured modules, and hands-on examples, you’ll learn how to navigate SplunkⓇ, search and analyze data, build dashboards and reports, and work with fields, lookups, and alerts. Whether you're brand new to SplunkⓇ or looking to solidify your knowledge, this course is built to make certification achievable.

What You'll Learn

  • How to confidently navigate the SplunkⓇ interface and understand its core components

  • How to create and refine searches using time pickers, fields, and search modes

  • How to read search results, inspect jobs, and explore events efficiently

  • The difference between basic search commands and transforming commands

  • How to work with indexes, user settings, applications, and add-ons

  • How to build reports and dashboards that turn data into insights

  • How to enrich your data with lookups and stay proactive using alerts

This course is designed to take the guesswork out of SplunkⓇ and give you the tools you need to pass the certification — and use your skills with confidence in the real world. Clear explanations, structured progression, and practical application are at the core of every module.

CrowdStrike: For SOC Analysts

Disclaimer: This course is offered independently by Blue Team Consulting, LLC and is not affiliated with CrowdStrike, Inc.

Module 1: Console Overview

Get acquainted with the CrowdStrike console, your command center for proactive threat detection and incident response. Explore its interface, functionalities, and navigation to ensure a solid foundation for the rest of the course.

Module 2: Where to Spend Your Time

Learn to prioritize effectively in a dynamic threat landscape. Understand the critical areas of focus within the CrowdStrike console to optimize your time as it pertains to SOC work.

Module 3: Triaging a Detection

Master the art of rapid detection triage. Develop skills to assess the severity of a detection, determine its scope, and decide on appropriate immediate actions.

Module 4: Useful Open Source Tools to Use

Discover a curated toolkit of open-source resources that complement the CrowdStrike platform. Explore how to leverage these tools to enhance your threat intelligence and investigative capabilities.

Module 5: Event Search / Splunk Queries

Delve into advanced event search techniques and learn how to craft powerful queries in Splunk. Learn how to conduct host analysis and leverage endpoint logs to your advantage.

Module 6: Real-Time Response Features

Equip yourself with CrowdStrike's real-time response arsenal. Dive into containment strategies, remote actions, scripting, and other instant response capabilities.

Module 7: Sandbox & Blocking Actions

Explore the CrowdStrike sandbox environment and understand its role in threat analysis. Learn to implement blocking actions effectively to halt threats in their tracks.

Module 8: Whitelisting / Exclusions

Navigate the nuances of whitelisting and exclusions. Gain insights into striking the right balance between security and operational efficiency.

Module 9: Putting It All Together

Immerse yourself in realistic scenarios where you'll apply your newfound knowledge. Walk through end-to-end incident response processes, from detection to resolution.

Module 10: Where to Go Next

Chart your future course in the realm of cybersecurity. Discover avenues for continued learning, specialization, and skill refinement to stay ahead in the ever-evolving threat landscape.

SplunkⓇ Zero to Power User

Hello and welcome to the course. This is the #1 place to learn by watching instructor-led demonstrations on Splunk. Don’t take another course that is bogged down with long lectures and endless PowerPoint slides. Take one that covers the majority of the course via recorded demonstrations and is built for visual learners!

This course is designed to take someone who has never heard of Splunk and provide them with the knowledge they need to pass the Splunk Core Certified Power User exam!

Is it hard to find a streamlined education road map for Splunk's old Fundamentals 1 and 2 concepts? This course is it!

Learn by watching demonstrations for over 75% of the course!

Download your own data and practice on your own instance of Splunk.

Learn over 25 commands!

Gain confidence in how to craft strong searches, build visualizations, and understand the key components of Splunk.

This course will cover all the key topics you need to pass the exam!

I hope you continue to take what you have learned here and move on to learning more advanced topics that Splunk has to offer!

CrowdStrike: Zero to Falcon Admin

Disclaimer: This course is offered independently by Blue Team Consulting, LLC and is not affiliated with CrowdStrike, Inc.

Master the Falcon Platform from an Administrative Perspective

This course is designed to provide learners with an in-depth understanding of CrowdStrike/EDR, a powerful endpoint security tool. Participants will learn how to install and configure CrowdStrike/EDR, manage hosts, create and manage prevention policies, customize IOAs, manage exclusions and quarantines, and troubleshoot issues.

Module 1: What is CrowdStrike/EDR

  • Introduction to CrowdStrike/EDR

  • Understanding Endpoint Detection and Response (EDR)

  • Key features and benefits of CrowdStrike/EDR

Module 2: Users and Roles

  • User and role management in CrowdStrike/EDR

  • Understanding permissions and access levels

  • Best practices for user and role management

Module 3: Installation

  • CrowdStrike/EDR installation prerequisites

  • Installing CrowdStrike/EDR on endpoints

  • Post-installation configurations and best practices

Module 4: Troubleshooting

  • Troubleshooting common issues with CrowdStrike/EDR

  • Best practices for effective troubleshooting

Module 5: Uninstalling & Sensor updates

  • Uninstalling CrowdStrike/EDR from endpoints

  • Updating CrowdStrike/EDR sensors

  • Best practices for sensor management

Module 6: Host management

  • Managing hosts using CrowdStrike/EDR

  • Understanding host groups and policies

  • Best practices for host management

Module 7: Prevention policies

  • Creating and managing prevention policies in CrowdStrike/EDR

  • Understanding policy rules and configurations

  • Best practices for policy management

Module 8: Custom IOAs

  • Creating custom Indicators of Attack (IOAs) in CrowdStrike/EDR

  • Understanding IOA rules and configurations

  • Best practices for custom IOA management

Module 9: Exclusions and Quarantines

  • Managing exclusions and quarantines in CrowdStrike/EDR

  • Understanding exclusion and quarantine rules and configurations

  • Best practices for exclusion and quarantine management

Target audience: IT professionals, cybersecurity professionals, system administrators, and anyone interested in learning how to manage and secure endpoints using CrowdStrike/EDR.