CrowdStrike University FHT 280: Course Syllabus

This one-day instructor led course is for anyone needing to investigate and threat hunt with Falcon Forensics. This course utilizes Falcon Forensics within the Investigate app to perform basic investigations using the Host Info, Host Timeline and Quick Wins dashboards. Learners will learn about the forensic data schema for the data collected. They will also learn basic SPL (Splunk) syntax and perform searches related to conducting investigations.


  • OS icon
  • deployment icon
  • installation icon

For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.

Visit the Tech Center