Do you want to enter the SIEM field?
Do you want to learn one of the leading SIEM technologies?
Do you want to understand the concepts and gain hands-on experience with Micro Focus ArcSight SIEM?
Then this course is designed for you.
Through baby steps, you will learn Micro Focus ArcSight SIEM.
A new section has been added for ArcSight Logger that includes:
- Micro Focus ArcSight Logger Installation (4 lectures)
- Micro Focus ArcSight Logger GUI Demystified
- Ingesting Data in Logger and Creating Dashboards (2 lectures)
The course covers the following lessons:
- Import Brute Force package from ArcSight marketplace
- Import Sysmon package from ArcSight marketplace
- What is SIEM
- ArcSight SIEM
- ESM Enables Situational Awareness
- ESM Anatomy
- SmartConnectors
- ArcSight Manager & CORR-Engine Storage
- User Interfaces & Use Cases
- Interactive Discovery & Pattern Discovery
- ESM on an Appliance & Logger & ArcSight Solutions
- Life Cycle of an Event Through ESM
- Data Collection and Event Processing – Collect & Normalize Event Data
- Data Collection and Event Processing – Apply Event Categories
- Data Collection and Event Processing – Look up Customer and Zone in Network Model
- Data Collection and Event Processing – Filter and Aggregate Events & Managing SmartConnector Configurations
- Priority Evaluation and Network Model Lookup
- Workflow
- Correlation Evaluation – Correlation Overview & Filters & Rules
- Correlation Evaluation – How Rules are Evaluated & How Rules Use Active & Session Lists
- Correlation Evaluation – Data Monitors
- Correlation Evaluation – How Correlation Uses Local and Global Variables & Velocity Templates
- Correlation Evaluation – Event Types
- Fixing Time of Log Source
- Forgotten ESM Account Password and Disabled Account















