The center piece of this demonstration is the Splunk Dashboard. The idea is to provide clear indicators when things are good (green) or bad (red) during the demo. In Part 1 we discussed the Cyber Kill Chain in 4 phases, so we will build a Splunk Dashboard that shows those 4 phases clearly.
Splunk Enterprise is the center piece of this entire demonstration. Clear visual indicators will let your audience know when things have gone bad during the attack demo. This is where we will build that center piece and the dashboard that will be used during the demonstration.