Security Analytics for Logs Training

Live Online & Classroom Enterprise Training

Security Analytics for Logs Training provides a hands-on configuration of components for log collection, setting up Security Analytics event sources troubleshooting log collection, and creating reports.

Looking for a private batch ?

REQUEST A CALLBACK

Certified Trainer
Authorized Courseware
Completion Certificate from ATP

Enterprise Reporting
Lifetime Access
CloudLabs
24x7 Support
Real-time code analysis and feedback

What is Security Analytics for Logs Training about?

The course provides an overview of RSA Security Analytics hands-on configuration of components for log collection setting up Security Analytics event sources troubleshooting log collection and creating reports. Additionally the course covers writing parsers for logs.

What are the objectives of Security Analytics for Logs Training ?

At the end of Security Analytics for Logs training course, participants will learn to:

Describe the Security Analytics architecture
Identify log deployments
Add and configure Security Analytics devices
Configure Security Analytics for log collection
Configure log collection services
Configure IPDB
Install the Z Connector
Configuring the Security Analytics Warehouse
Describe the Security Analytics Investigation Module
Apply basic analysis techniques using the Investigation Module
Use application rules to create alerts for compliance
Create compliance reports
Deploy compliance reports from Live
Create device parsers
Create reports using the IPDB
Perform basic troubleshooting for Security Analytics log collection
Perform basic troubleshooting for Security Analytics event sources

What are the prerequisites for Security Analytics for Logs Training?

Familiarity with networking fundamentals and general information security concepts.
Familiarity with Linux.

Available Training Modes

Live Online Training

18 Hours

Classroom Training

3 Days

Course Outline Expand All

Expand All

1. RSA Security Analytics Overview

What is RSA Security Analytics

RSA Security Analytics architecture

Licensing

RSA Security Analytics Data flow

Log Deployment

Data sources

Deployment scenarios

Log Collection Service

RSA Security Analytics user interface

Customizing the interface

2. Configuring RSA Security Analytics

Administration Module Overview

Configuring devices

Configuring Live

Custom feeds

Configuration files

Configuring the Reporting Engine

Configuring Context Menu Actions

Configuring the Security Analytics Warehouse

Configuring the Security Analytics Warehouse Connector

Configuring the Archiver

Configuring Event Stream Analysis (ESA)

Configuring the Z Connector

3. Setting Up Data Collection

Setting up capture for packets and log data

Configuring log collection

Data collection for syslog

Setting up collection for: - File Reader - tWindows - tODBC - tCheck Point - tVMware - tSDEE - tSNMP -

Testing data capture

Event source monitoring

4. Investigation Basics

Investigation module navigation options

Investigating events

Creating a custom view

Creating an application rule

Navigating metadata

Viewing data

Query construction and usage

Creating alerts with application rules

5. Creating Reports and Alerts

Reporting module overview

Creating compliance reports

Deploy compliance reports from Live

Charts

Creating alerts using ESA

6. Creating Log Parsers

Introduction to parsers

Creating content using parsers

Log parser structure

Deploy and create log parsers

Event Source Integrator (ESI)

7. Basic Troubleshooting for Logs

Identify and resolve common issues with Security Analytics log collection

Apply troubleshooting techniques to the RSA Security Analytics log collection process

Outline a troubleshooting approach for various RSA Security Analytics event sources

Review techniques to monitor and troubleshoot the RSA Archiver and Security Analytics Warehouse

Who is the instructor for this training?

The trainer for this Security Analytics for Logs Training has extensive experience in this domain, including years of experience training & mentoring professionals.

Reviews

My outlook on training changed completely after attending SpringPeople BPC training. The content, the trainer and infrastructure at SpringPeople were top notch and perfectly in tune with the industry requirements. Regardless to say, training is now something that I look forward to to. Kudos to everyone at SpringPeople!

Shweta Priya

Sony

I attended the 3-day AngularJs training at SpringPeople. The trainer was an industry veteran with vast experience in the subject. Notably, the hands-on training, and the Q&A session stood out. Overall, I found SpringPeople a great place to learn with excellent facilities and great trainers. Would recommend SpringPeople to my colleagues and friends.

Swati Singh

I attended the training on API Design for Mulesoft. The sessions were well planned and value-laden. I benefited immensely from the hands-on experience enabled through virtual labs. I would like to specifically commend the efficiency of the support team who were always available to resolve my concerns.

Nikhil Kohli

Stryker

I attended the jQuery training batch, conducted by Mr. Vijay, an SME who did a thorough coverage of all the essentials. He took us through concepts such as jQuery animations, event handlers, plugins, and jQuery-UI by small programs, very easily. The sessions were useful and well structured. By the end of the training, I was well equipped to develop a SPA on Product Management System. Overall, the learning experience at SpringPeople was great!

Heena Rajan

Mindtree