RSA Certified Security Analytics for Logs Training

Live Online & Classroom Certification Training

Security Analytics for Logs Training provides hands-on configuration of components for log collection, setting up Security Analytics event sources, troubleshooting log collection, and creating reports.

(4.7) 122 Learners
Instructed by SPRINGPEOPLE

No Public/Open-house class on the topic scheduled at the moment!

Course Description


The course provides an overview of RSA Security Analytics, hands-on configuration of components for log collection, setting up Security Analytics event sources, troubleshooting log collection, and creating reports. Additionally, the course covers writing parsers for logs.


At the end of the Security Analytics for Logs training course, participants will learn to:

  • Describe the Security Analytics architecture
  • Identify log deployments
  • Add and configure Security Analytics devices
  • Configure Security Analytics for log collection
  • Configure log collection services
  • Configure IPDB
  • Install the Z Connector
  • Configure the Security Analytics Warehouse
  • Describe the Security Analytics Investigation Module
  • Apply basic analysis techniques using the Investigation Module
  • Use application rules to create alerts for compliance
  • Create compliance reports
  • Deploy compliance reports from Live
  • Create device parsers
  • Create reports using the IPDB
  • Perform basic troubleshooting for Security Analytics log collection
  • Perform basic troubleshooting for Security Analytics event sources

Suggested Audience -

  • RSA Security Analytics Administrators
  • Compliance Officers
  • Content Developers

Duration - 4 Days


  • Familiarity with networking fundamentals and general information security concepts.
  • Familiarity with Linux.

Course Curriculum

  • What is RSA Security Analytics
  • RSA Security Analytics architecture
  • Licensing
  • RSA Security Analytics Data flow
  • Log Deployment
  • Data sources
  • Deployment scenarios
  • Log Collection Service
  • RSA Security Analytics user interface
  • Customizing the interface
  • Administration Module Overview
  • Configuring devices
  • Configuring Live
  • Custom feeds
  • Configuration files
  • Configuring the Reporting Engine
  • Configuring Context Menu Actions
  • Configuring the Security Analytics Warehouse
  • Configuring the Security Analytics Warehouse Connector
  • Configuring the Archiver
  • Configuring Event Stream Analysis (ESA)
  • Configuring the Z Connector
  • Setting up capture for packets and log data
  • Configuring log collection
  • Data collection for syslog
  • Setting up collection for: File Reader, Windows, ODBC, Check Point, VMware, SDEE, SNMP
  • Testing data capture
  • Event source monitoring
  • Investigation module navigation options
  • Investigating events
  • Creating a custom view
  • Creating an application rule
  • Navigating metadata
  • Viewing data
  • Query construction and usage
  • Creating alerts with application rules
  • Reporting module overview
  • Creating compliance reports
  • Deploy compliance reports from Live
  • Charts
  • Creating alerts using ESA
  • Introduction to parsers
  • Creating content using parsers
  • Log parser structure
  • Deploy and create log parsers
  • Event Source Integrator (ESI)
  • Identify and resolve common issues with Security Analytics log collection
  • Apply troubleshooting techniques to the RSA Security Analytics log collection process
  • Outline a troubleshooting approach for various RSA Security Analytics event sources
  • Review techniques to monitor and troubleshoot the RSA Archiver and Security Analytics Warehouse


SpringPeople works with top industry experts to identify the leading certification bodies on different technologies, which are well respected in the industry and globally accepted as clear evidence of a professional’s “proven” expertise in the technology. As such, these certifications are a high value-add to CVs and can give a massive boost to professionals in their career and professional growth.

Our certification courses are fully aligned to these high-profile certification exams; at the end of the course, participants will have detailed knowledge, be eligible, and be fully ready to take up these certification exams and pass with flying colours.



SpringPeople Corporate Learning Center

About the Instructor

Founded in 2009, SpringPeople is a global premier eLearning marketplace for Online Live, Instructor-led classes in the region. It is a certified training delivery partner of leading technology creators, namely Pivotal, Elastic, Lightbend, EMC, VMware, MuleSoft, RSA, and...

Course Rating and Reviews



SPRINGPEOPLE SpringPeople Trainer

Richa Sinha

There should be an inclusion of the best practices.

SPRINGPEOPLE SpringPeople Trainer

Lohith MV

Tech Lead
Pramata Knowledge Solutions
I felt the course went a little slow; we should have covered more topics.

SPRINGPEOPLE SpringPeople Trainer

Madhav NV

Product Manager
Sonata Software

This class is intended for participants who have some prior exposure to the technology and are now looking to build up their expertise on the topic.

On successful completion of the course, participants will be eligible to sit for the related certification exam (see course overview). All participants receive a course completion certificate, demonstrating their expertise on the subject.

Total duration of the online, live instructor led sessions. Sessions are typically delivered as short lectures (2-hrs weekdays/3-hrs weekends) and detailed hands-on guidance.

Expected offline lab work hours that participants will need to complete and submit to the trainer, during and after the instructor-led online sessions.

  1. We are happy to refund full fee paid - no questions asked - should you feel that the training is not up to your expectations.
  2. Our dedicated team of expert training enablement advisors is available on email, phone and chat to assist you with your queries.
  3. All courseware, including session recordings, will always be available for you to access for future reference and rework.

Contact Us

1800-313-4030 (BLR)
