NetEye Log Analytics & SIEM (WPN4-ELK) - Online Training

Description 

  • NetEye Log Analytics & SIEM training modules covering the basic and some advanced concepts behind Elastic and how to work with it.

Scope

Enable participants to:

  • work with the main features and the configuration needed to implement the SIEM process and Log Analytics
  • understand which NetEye Elastic functionality is appropriate for a particular situation in their organization

Required knowledge 

  • Basic knowledge of NetEye
  • Basic knowledge on how to use Elastic

Getting ready for the training 

Please take a look at the following FREE online material in order to get ready for the training: 

Target group

  • future NetEye Elastic users dealing with it on a daily basis or frequently
  • future "Administrator" NetEye Elastic users
  • IT administrators, who are using NetEye 4 or who are planning to implement it

Date and Location

  • from 23rd to 26th October 2023 
  • from 9 am to 1 pm
  • Remote training session. Online course that you can access remotely. 
  • Examination date: 2nd November 2023

Required material

  • Participants need to have their own workstation with at least two screens and with a web browser pre-installed (preferably Google Chrome). 
  • They need an RDP client and must be able to reach a public IP via RDP.
  • They must have a stable Internet connection.

Trainer and course language

  • Enrico Alberti, NetEye Consultant at Würth Phoenix
  • The course will be held in Italian.
  • The training material and certification exam are always in English.

Costs

  • Participation: € 1.226 (excl. of VAT)
  • Certification: € 120 (excl. of VAT)

Certification

  • NetEye Log Analytics and SIEM Engineer Release 4.x Certified

Content

NetEye Elastic module overview

Overview of all main NetEye Elastic OEM functionalities, based on the online demo

Introduction

  • Presentations
  • Log Management architecture overview

  • Review of the Elastic module web interface

Log Presentation

Kibana presentation

  • Lab: Dashboard navigation, search, visualize, monitoring
  • Lab: Creating dashboards and all necessary elements

Log Collection

Log Collection through Elastic Agents

  • Introduction
  • Elastic Common Schema concepts
  • Lab: Configuration of Elastic Agents to collect data from different sources
  • Central Configuration of Agents through Fleet Management

Log Administering

  • Index Lifecycle Management, snapshots and problem determination clusters
  • Index Lifecycle Management and troubleshooting
  • Elastic Stack Monitoring

Log Signing

  • Blockchain for real-time log signing
  • Lab: Use of the NetEye real-time log signing function

Elastic Stack integration in NetEye

  • Role Management
  • Multitenancy
  • Enrichment of Director Data
  • In-depth look at GDPR issues related to the collection of system logs

Machine Learning Introduction

  • Machine Learning in the Elastic Stack
  • Lab: Simple ML Job creation

Security Mode

  • Detection
  • Analysis with timeline
  • Log Correlation through EQL
  • Lab: Create new dedicated detection rule
  • IoC Rules
  • In-depth look at the strategy for collecting logs from the Windows perimeter with the Windows Forwarder Event
  • Endpoint protection

Alerting and Integration

  • NetEye integration with Tornado module

Exam information

  • Recap and exam information
  • Q&A

I would like to attend the training

Thank you very much for your request and your interest in our trainings. All information on your registration will be handled in full compliance with the policies related to the GDPR. Your personal data will be treated confidentially. Neither your name nor your company's name will be made accessible to third parties.