Security Analytics for Logs Training

Live Online & Classroom Enterprise Training

Powered by RSA

Security Analytics for Logs Training provides hands-on configuration of components for log collection, setting up Security Analytics event sources, troubleshooting log collection, and creating reports.

Key Features
  • Lifetime Access

  • CloudLabs

  • 24x7 Support

  • Real-time code analysis and feedback

  • 100% Money Back Guarantee

What is Security Analytics for Logs training about?

The course provides an overview of RSA Security Analytics, hands-on configuration of components for log collection, setting up Security Analytics event sources, troubleshooting log collection, and creating reports. Additionally, the course covers writing parsers for logs.

What are the objectives of Security Analytics for Logs training?

At the end of the Security Analytics for Logs training course, participants will learn to:

  • Describe the Security Analytics architecture
  • Identify log deployments
  • Add and configure Security Analytics devices
  • Configure Security Analytics for log collection
  • Configure log collection services
  • Configure IPDB
  • Install the Z Connector
  • Configure the Security Analytics Warehouse
  • Describe the Security Analytics Investigation Module
  • Apply basic analysis techniques using the Investigation Module
  • Use application rules to create alerts for compliance
  • Create compliance reports
  • Deploy compliance reports from Live
  • Create device parsers
  • Create reports using the IPDB
  • Perform basic troubleshooting for Security Analytics log collection
  • Perform basic troubleshooting for Security Analytics event sources

Available Training Modes

Live Online Training

Classroom Training

Who is Security Analytics for Logs training for?

  • Anyone who wants to add Security Analytics for Logs skills to their profile
  • Teams getting started on Security Analytics for Logs projects

What are the prerequisites for Security Analytics for Logs training?

  • Familiarity with networking fundamentals and general information security concepts.
  • Familiarity with Linux.

Course Outline

    • 1. RSA Security Analytics Overview
      • What is RSA Security Analytics
      • RSA Security Analytics architecture
      • Licensing
      • RSA Security Analytics Data flow
      • Log Deployment
      • Data sources
      • Deployment scenarios
      • Log Collection Service
      • RSA Security Analytics user interface
      • Customizing the interface
    • 2. Configuring RSA Security Analytics
      • Administration Module Overview
      • Configuring devices
      • Configuring Live
      • Custom feeds
      • Configuration files
      • Configuring the Reporting Engine
      • Configuring Context Menu Actions
      • Configuring the Security Analytics Warehouse
      • Configuring the Security Analytics Warehouse Connector
      • Configuring the Archiver
      • Configuring Event Stream Analysis (ESA)
      • Configuring the Z Connector
    • 3. Setting Up Data Collection
      • Setting up capture for packets and log data
      • Configuring log collection
      • Data collection for syslog
      • Setting up collection for: File Reader, Windows, ODBC, Check Point, VMware, SDEE, SNMP
      • Testing data capture
      • Event source monitoring
    • 4. Investigation Basics
      • Investigation module navigation options
      • Investigating events
      • Creating a custom view
      • Creating an application rule
      • Navigating metadata
      • Viewing data
      • Query construction and usage
      • Creating alerts with application rules
    • 5. Creating Reports and Alerts
      • Reporting module overview
      • Creating compliance reports
      • Deploy compliance reports from Live
      • Charts
      • Creating alerts using ESA
    • 6. Creating Log Parsers
      • Introduction to parsers
      • Creating content using parsers
      • Log parser structure
      • Deploy and create log parsers
      • Event Source Integrator (ESI)
    • 7. Basic Troubleshooting for Logs
      • Identify and resolve common issues with Security Analytics log collection
      • Apply troubleshooting techniques to the RSA Security Analytics log collection process
      • Outline a troubleshooting approach for various RSA Security Analytics event sources
      • Review techniques to monitor and troubleshoot the RSA Archiver and Security Analytics Warehouse

Who is the instructor for this training?

The trainer for this Security Analytics for Logs training has extensive experience in this domain, including years of experience training and mentoring professionals.
