Splunk New Certification Tracks

Splunk updated their entire product certification process for those who need to manage and administrate Splunk. Previously, to get certified in Splunk it was a game of collecting the Pokemon cards of each training course\’s certificate of completion. That had the major downside for those of us experienced in Splunk. We could never get our employers to fund taking classes for material we knew well.

The process now involves an actual online exam. It is FREE. The courses can give you a very good foundation in the topics and prepare you for the exam. As with most certification exams the training and self study will cover the skill sets much deeper than the exam material alone can cover. I always recommend training when you can swing it as you never know what you do not know about a topic.

Splunk Certified Knowledge Manager

This certification covers the operation and managing the various knowledge objects within the Splunk application. This is more about helping the users have a solid consistent experience in using Splunk. It is not about the back end administration of the servers themselves.

The courses behind this certification are:
* Using Splunk
* Searching and Reporting
* Creating Splunk Knowledge Objects

Splunk Certified Admin

This certification is all about the technical administration of all aspects of Splunk. Everything from licensing, deployment management, indexing etc. This is for you if you want to be the wizard behind the curtain.

There is just one course behind this certification. It is the combination of the old Admin and Advanced Admin courses. It does require you have passed the Certified Knowledge Manager as the pre-requisite.
* Splunk Administration

Taking the Exams

Most of the folks I know have some experience with Splunk. For those people, I recommend you take the outlines for the courses behind each track. Highlight the agendas for the areas that you know you are weak in. Setup a v6 Splunk instance to practice those areas. Watch the tutorial videos from the Splunk intro page when you log into Splunk. Last, be sure to read ALL the documentation at least once related to the course material.

Then you just email certification@splunk.com to request registration to take the exam. They will send you a personalized exam link in an email with details of the number of questions you have to pass for the particular exam. It will also tell you how long you have to take the exam once you start it. You can take the exam as many times as you need to pass it. But you have to wait two hours between attempts.

Good luck!

CPEs, PDF and your Apple iPad

I am thrilled that an increasing number of the magazines I read for continuing professional education are providing PDF versions.  This provides many benefits to the Information Security and IT professional.

  1. Less paper to handle, store or dispose of.
  2. iBooks and Good Reader save your place in the PDF.
  3. Easy to store back issues for future reference.
  4. Easy to search and make notes using your iPad.

The sources of the PDFs I read vary in their easy of access to the PDF and if you need to have an account to reach them. I download them from the source as they become available then I put them in my Dropbox.com account and open from my iPad using Good Reader a $0.99 application. Alternatively you can drop PDFs onto iTunes now and  they will sync to your iPad using the iBooks app.

Here are the magazine sources I am frequently reading.

Continue reading “CPEs, PDF and your Apple iPad”

How to achieve success in your creative projects.

I was listening to the Grammar Girl podcast while running errands today.  She had a great episode on “How to write your first novel.”  It was actually contributed by my favorite podcasting horror novelist, Scott Sigler.

Scott covers how to get started on your first novel.  It struck me in fact he was drafting a wonderful process for any creative endeavor.  It would equally apply to your first programming projects. It comes down to a simple series of steps.

  1. Write what you know and accept will be a bad novel.  You won’t get tripped up on the hard spots and quit.  This is because you know its going to be bad.  So you are empowering yourself to do whatever sloppy fix to get past the rough spot.
  2. Really finish the project, no matter how bad it is.  Just walk away with a sense of accomplishment from crossing the finish line.
  3. Put the project away for a while.
  4. Write a new project.  One you really put detailed effort into.
  5. Once you finish your first pass through the second project, pick up the first one and go through it.  Find the spots you are really weak in.  Learn from that and begin revising your second project.
  6. Rinse and repeat.

I think this could apply to a lot of things.  And I think I will try it with my first start and stop attempts at some programming projects.  Give the Grammar Girl episode a listen.  She goes into detail with Scott’s advise.

Big Nerd Ranch – ObjectiveC and Cocoa Programming

Well I had a really fun time attending the ObjectiveC/Cocoa programming bootcamp from Big Nerd Ranch.  I went in with seriously rusty programming skills.  I probably have not looked at C code more than casually in over ten years.  But I made a small effort to start going through Aaron Hillegass’ third edition Cocoa programming book before I went.  I just could not get far into it on my own with home, work etc taking up time.  So I just made the conscious decision to relax and remember I was doing this for myself.  Not for work.  Not for yet another certification.  But for fun.

I actually drove down.  That Friday my wife finally got to user her Christmas present from last year.  Ten laps driving a racecar at Talladega. That worked out real well.  Because it was only a 40 minute drive tops from there to Banning Mills for the class.

It was strangely relaxing at class because my blackberry only could get signal on the hill leading up to my cabin from the main building.  So basically once a day I checked my berry and made a phone call or two. Some days not at all.  We did have Internet in the class room.   There was wireless at our cabins but it was spotty due to the fact they use a partial directional panel antenna at the main building pointing toward the various cabin areas.  Not the best wireless design in the world.  Honestly after a long day of class.   Some personal project coding after dinner you had no brain power left when you got to your room for more computer stuff.  You would just crash.

Each day I got up around 730am, got ready and walked down to the main building by 8am.  I would get my laptop setup and ready for class.  Let it check email and pull down twitter updates.  At 830am promptly we would have breakfast.  Class started right at 9am and ran till lunch.  After lunch came more class.  At about 230pm each day we went for the daily 30 minute hike.  More class till dinner.  After dinner you could come back to the class room and catch up on exercises or work on a personal project.  Aaron would answer any questions you had and point you in the right direction.  

One of the guys, Ryan C. Payne, from class took photos of everything at class.  So I did not break out my own camera.  You can check them out over in his mobileMe gallery.  Check the one out with the whole class on the last set.  Who knew ObjectiveC nerds had their own gang sign?  Of course is has to be the square brackets. “[]”  

It was a great time for everyone.  It really helped me get back up to speed to the point I can write code on my own on the mac.

CISSP – Earning CPEs on your own time

I wanted to update an older topic. These days to keep your CISSP, CCE and other credentials you may have to have keep up on educational material. Also known as continuing professional education. We like to call them CPE units or simply CPEs. Here are some great sources.

The SANS Institute offers many great webcasts every month. You can even subscribe to the schedule via RSS or in an iCal compatible client. Watch for topics that you need development in or that just interest you. You are able to actually print out a CPE certificate for your records.

If you are Cisco certified here a new one. Cisco just partnered with the IET (Institute of Engineering and Technology). Check out the benefits. There is a ton of online educational material for IET members. Just get your Cisco ID handy and join for a fairly reasonable membership fee.

If you are an iTunes user. There is always iTunesU. The online area of the Apple iTunes store where there are tons of University courses online.  You can probably find something suitable for CPEs either type A or B.

Lastly for now. If you want some good personal development type B CPE credits for your CISSP? I love the Manager Tools podcast. These guys know what they are talking about when it comes to management skills, handling coworkers, ethics etc. I would probably hold onto the copy of the audio file and the show notes for your records in case you get a CPE audit from ISC2.


Looking for a good way to get some CPE credits for your CISSP renewal? Here are some ideas for both type A and type B CPEs.

Type A

Sans Webcasts have great content. Add in that they keep track for you in your portal account what casts you have viewed and provide a link to download a PDF of your CPE certificate. Just make sure to enter your CISSP number in your account settings.

The Cyberspeak Podcast by a couple of computer forensics and law enforcement professionals. Great humor and always interesting content. The show lasts an hour so you can claim each show for 1 CPE under the self-study category. Just be sure to retain the MP3 file and a screen shot (or pdf) of the show description for your CPE records in case you get audited.

Type B

The Manager Tools Podcast is an awesome show on management style, development and tools. Always useful items to serve your professional development needs. Like Cyberspeak above. Keep the files and the show description for your records. Again falls under self-study (webcasts). A one hour show for 1 CPE each episode.

The Manager Tools guys have a great book list on their site. You can claim one book a year. Just be sure to retain the book for your CPE records. All their books are management and personal development so the one book each year gets you 5 CPEs toward your total.