+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 50
  1. Senior Member GeekyChick's Avatar
    Join Date
    Sep 2016
    Posts
    292

    Certifications
    CISSP, Splunk-User, CCNA, Sec+, Net+
    #1

    Default Didn't Pass Splunk User Exam

    I just took the online Splunk Fundamentals class and read through the document they sent out. I thought I didn't need to prepare much for the test. How hard could a free test be? Well, it was a little harder than I thought. I do not have any Splunk experience. All I did was read the documents and do the labs they recommended. Well, I have to wait 5 days to retake the test. I got a 70% and needed 75%.

    Anyone else take the test? I saw another thread that listed a few resources for Splunk training. Doesn't look like there is too much out there that is free.
    Reply With Quote Quote  

  2. SS
  3. Senior Member
    Join Date
    Sep 2013
    Posts
    115
    #2
    There are quite a few videos on youtube. Not sure if udemy has anything
    Reply With Quote Quote  

  4. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    404

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #3
    I took the user exam a week ago and passed. The user test is MUCH harder than people think it will be, especially for it being an open book test. The answers to many of the questions asked will not be in the pdf document provided. Finding the answer will require more hands on experience with Splunk and carefully taking notes from the videos. I also started the power user course this week.
    Reply With Quote Quote  

  5. Senior Member GeekyChick's Avatar
    Join Date
    Sep 2016
    Posts
    292

    Certifications
    CISSP, Splunk-User, CCNA, Sec+, Net+
    #4
    It was harder than I thought it would be. I have been studying for the CISSP and I thought I could cram this test in on the side. I'm kind of in a time crunch for CISSP but I needed to get the Splunk test done. I'll spend a little more time on Splunk so I can pass it this time. I signed up for a Splunk Udemy class too which seems fairly good so far.

    @McxRisley what do you think of the Power User course?
    Reply With Quote Quote  

  6. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    404

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #5
    It is very good so far, it focuses more on the backend of Splunk than the user course did and gets A LOT deeper into more advanced commands and their usage. I am on module 7 of 15 right now, so I should be taking the exam next week. Also just so you are aware, the power user course is $2000 (it was free for me through my company).
    Reply With Quote Quote  

  7. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    6,286

    Certifications
    GCFE, GCED, GCIH, GSTRT, CISSP, CCSP, and others that should never be mentioned
    #6
    I would say that all courses are good. Some food for thought: the problem I keep seeing is that a lot of people go through the courses and then are failing to apply knowledge. My team is an early Splunk adopter (security analytics perspective) at my company and now that it has gone mainstream (in our company) we have tons of people that take the training and can't put two and two together after. They expect us to train them , do advanced queries, etc and that is time that simply does not exist for us. Practicing after taking the courses is ESSENTIAL. Do the cloud trial or download Splunk Light, deploy it, throw some data at it, and play around. Otherwise stuff fades away quickly.
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Feb 2016
    Posts
    211
    #7
    Quote Originally Posted by GeekyChick View Post
    I just took the online Splunk Fundamentals class and read through the document they sent out. I thought I didn't need to prepare much for the test. How hard could a free test be? Well, it was a little harder than I thought. I do not have any Splunk experience. All I did was read the documents and do the labs they recommended. Well, I have to wait 5 days to retake the test. I got a 70% and needed 75%.

    Anyone else take the test? I saw another thread that listed a few resources for Splunk training. Doesn't look like there is too much out there that is free.
    Did you do the official Splunk course through Splunk or one of the other (101) Splunk training providers online?

    The official Splunk training comes with Splunk Enterprise. It is a 60 day or 90 day trial, I don't remember. Whatever the case, you have a plethora of labs that can be done with the course. Please tell me you used the Official Spunk training...

    What I will also say is some of the questions repeat themselves on the exam retakes.

    While I am here, what I suggest:
    1. It's an open book exam. Take notes. When I took the exam I just did a CTRL+ F and searched for keywords. I found a good portion of the answers in my notes.

    2. If you didn't take notes for an open book exam ........ Well, I will assume you took notes.

    Just go through whatever material you decide and take notes. My notes from the official material were a lifesaver..like the candy.
    Last edited by GirlyGirl; 01-30-2018 at 04:06 PM.
    Reply With Quote Quote  

  9. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    404

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #8
    According to the rules, she would have had to of done the official Splunk training in order to take certification exam. Also the exam has changed recently from what I found online, it used to be 50 questions and now it is not. I found more answers in my notes from the videos than I did from the pdf document.
    Reply With Quote Quote  

  10. Senior Member GeekyChick's Avatar
    Join Date
    Sep 2016
    Posts
    292

    Certifications
    CISSP, Splunk-User, CCNA, Sec+, Net+
    #9
    Yes, I did the Fundamentals class from Splunk's website. I did take notes and did only the labs from the Fundamentals class, which apparently wasn't enough for me. I was trying to cram it in before I start a new job. I thought how hard could a free test be. I tried to answer the questions on the test as much as I could from memory which wasn't a great idea. I won't do that next time.

    I did install Splunk and I remember from my class after 60 days it converts to a Free License. I do remember something.

    There's a lot more to Splunk than what I thought. I thought it might just be some regex, but it's so much more. I could see that it would be very useful and I kind of like it.
    Reply With Quote Quote  

  11. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    404

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #10
    I did what most SANS people do and made an index of the pdf document so that I could quickly search it if I needed to. The same words are used hundreds of times in the document so simply doing ctrl+f isn't really going to work very well, especially when you have just over a minute to answer each question.

    Ya, Splunk is a VERY powerful tool. It has so much more capabilities than what most places use it for (log aggregation).
    Reply With Quote Quote  

  12. Senior Member GeekyChick's Avatar
    Join Date
    Sep 2016
    Posts
    292

    Certifications
    CISSP, Splunk-User, CCNA, Sec+, Net+
    #11
    Quote Originally Posted by McxRisley View Post
    I did what most SANS people do and made an index of the pdf document so that I could quickly search it if I needed to. The same words are used hundreds of times in the document so simply doing ctrl+f isn't really going to work very well, especially when you have just over a minute to answer each question.Ya, Splunk is a VERY powerful tool. It has so much more capabilities than what most places use it for (log aggregation).
    Thanks for the tip.
    Reply With Quote Quote  

  13. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    404

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #12
    Wanted to drop in and give an update on the Power User course.I took the exam yesterday and passed. I actually found it to be a bit easier than the user exam, probably because I have a better grasp on the commands and how Splunk works now than I did when I took the user exam. Next up is the 2 admin courses.
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    May 2016
    Posts
    2,125

    Certifications
    70-461, Teradata Database Certified Associate
    #13
    Looking at getting into Splunk. Networked with a director at my company and they like my SQL background and wanted to get me into Splunk reporting and analysis.

    I appreciate all the heads up. I told him I had no security certs, didn't matter. It would be a promo, going to check it out. PS thanks for all the good content.
    Reply With Quote Quote  

  15. Senior Member GeekyChick's Avatar
    Join Date
    Sep 2016
    Posts
    292

    Certifications
    CISSP, Splunk-User, CCNA, Sec+, Net+
    #14
    Quote Originally Posted by McxRisley View Post
    Wanted to drop in and give an update on the Power User course.I took the exam yesterday and passed. I actually found it to be a bit easier than the user exam, probably because I have a better grasp on the commands and how Splunk works now than I did when I took the user exam. Next up is the 2 admin courses.
    Congrats! That's good to know. How long did it take to study for the Power User? Did you do the online Splunk course? It looks like you pay for the course but the test is free, right? I'll be taking it eventually but I don't have time to do it right now.

    Happy to say, I passed the User exam on the second attempt. They make you wait 5 days and think about how dumb you were, I mean study. I got a 90%.
    Reply With Quote Quote  

  16. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    404

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #15
    I'm not sure how the course fee and exam work for non-partners. I know that the Power User course is $2000 for a normal person. I took the online course and it took me about 2 weeks to go through all of the materials and do a bit of studying but I also kinda dragged my feet on it.

    I am signing up for the 2 admin courses today, which unlike the others you MUST attend virtually or in person to take. There are 2 courses that last 4.5 hours a day for 2 days each that you must complete before attempting the admin exam. I am hoping to have this all done within the next couple of weeks.
    Reply With Quote Quote  

  17. Senior Member
    Join Date
    May 2016
    Posts
    2,125

    Certifications
    70-461, Teradata Database Certified Associate
    #16
    Quote Originally Posted by McxRisley View Post
    I'm not sure how the course fee and exam work for non-partners. I know that the Power User course is $2000 for a normal person. I took the online course and it took me about 2 weeks to go through all of the materials and do a bit of studying but I also kinda dragged my feet on it.

    I am signing up for the 2 admin courses today, which unlike the others you MUST attend virtually or in person to take. There are 2 courses that last 4.5 hours a day for 2 days each that you must complete before attempting the admin exam. I am hoping to have this all done within the next couple of weeks.
    Gratz on the pass Geeky I know you have been working hard.

    McXRisley, that is dang expensive!
    Reply With Quote Quote  

  18. Senior Member GeekyChick's Avatar
    Join Date
    Sep 2016
    Posts
    292

    Certifications
    CISSP, Splunk-User, CCNA, Sec+, Net+
    #17
    Quote Originally Posted by DatabaseHead View Post
    Gratz on the pass Geeky I know you have been working hard.

    McXRisley, that is dang expensive!
    Thank you DBHead! I feel like all I do is study. BUT it paid off, I got a job doing cybersecurity. It's exactly what I want to do and I'm super-excited!

    @McXRisley - Thanks for the information. Congrats to you for getting to do all the courses and for your Power User cert!
    Reply With Quote Quote  

  19. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    404

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #18
    So as of a couple of hours ago I just passed my Splunk Admin exam. This exam was much easier than the previous 2 for me just because I have a much better grasp on how the components work and how to configure everything in Splunk.
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    May 2006
    Posts
    2,159

    Certifications
    CISSP, CCSP, CCNA Cyber Ops, eJPT, ITIL,PA ACE,Qualys Certified Specialist, A+
    #19
    Are these Splunk exams free?
    Reply With Quote Quote  

  21. Senior Member
    Join Date
    May 2016
    Posts
    2,125

    Certifications
    70-461, Teradata Database Certified Associate
    #20
    Quote Originally Posted by GeekyChick View Post
    Thank you DBHead! I feel like all I do is study. BUT it paid off, I got a job doing cybersecurity. It's exactly what I want to do and I'm super-excited!
    That's fantastic!
    Reply With Quote Quote  

  22. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    404

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CPT+, CASP, CSAE, CNSP, CNVP, C|EH, OSCP, Splunk Certified Admin
    #21
    Quote Originally Posted by TheFORCE View Post
    Are these Splunk exams free?
    The user course and exam is the only one that is free to everyone, BUT the power user and admin courses/exam will cost you around $5500 if your company is not a Splunk Partner. Also, the courses have to be completed in order and require you to complete the labs before attempting the exam. So for example, you can not just take the admin course, you have to take the user and power user courses/exams first.
    Reply With Quote Quote  

  23. Senior Member
    Join Date
    May 2006
    Posts
    2,159

    Certifications
    CISSP, CCSP, CCNA Cyber Ops, eJPT, ITIL,PA ACE,Qualys Certified Specialist, A+
    #22
    cool, thanks!
    Reply With Quote Quote  

  24. Junior Member
    Join Date
    Nov 2017
    Location
    New York
    Posts
    19

    Certifications
    CISSP-A, AWS-CSA-A, Splunk-Certified-PowerUser, CompTIA-CSA+/Sec+, CCNA, MCSE
    #23
    Just passed 2 cert exams today...1st one is AWS Solution Architect - Associate in the morning, then 2nd one Splunk Certified User in the afternoon. The 45 questions in Splunk exam were much harder than the 35 questions in the course's final quiz. It is different from AWS exam that you can't go back to previous questions so no need to rush.

    The next exam coming up is the Splunk Certified Power User. Our company has the subscription, so it is "free" for us to take the course and the exam.

    Update (4/15/201: Passed Certified Power User exam today. Had about 10 min left when finishing last question. There were some tricky questions in the beginning (similar to the User exam) and got easier towards the end.
    Last edited by GettingThereSoon; 04-15-2018 at 06:24 PM.
    Reply With Quote Quote  

  25. Junior Member Registered Member
    Join Date
    May 2018
    Posts
    1
    #24
    Hi All,

    I need to do Splunk certification and where I need to take the course online...
    Reply With Quote Quote  

  26. Member thedudeabides's Avatar
    Join Date
    May 2018
    Posts
    79

    Certifications
    Security+, CCNA R&S, JNCIA, C|EH, CCNA CyberOps
    #25
    Didn't even know about this. I'll give it a go after I'm done with the cert I'm currently working on.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks