ArcSight Logger & ESM Hands-On

Overview

Get Hands-On Experience on Logger & ESM which are main OpenText ArcSight components

What you'll learn:

ArcSight Logger and ESM Hands-On
SIEM platform that unifies data collection and log management
A Log Management Solution
Ingesting Windows Security Events
Building dashboards
ESM Anatomy
SmartConnectors
ArcSight Manager & CORR-EngineStorage
User Interfaces & Use Cases
Interactive Discovery & Pattern Discovery
ESM on an Appliance & Logger & ArcSight Solutions
Life Cycle of an Event Through ESM
Data Collection and Event Processing - Collect & Normalize Event Data
Data Collection and Event Processing - Apply Event Categories
Data Collection and Event Processing - Look up Customer and Zone in Network Model
Data Collection and Event Processing - Filter and Aggregate Events & Managing SmartConnector Configurations
Priority Evaluation and Network Model Lookup
Workflow
Correlation Evaluation - Correlation Overview & Filters & Rules
Correlation Evaluation - How Rules are Evaluated & How Rules Use Active & Session Lists
Correlation Evaluation - Data Monitors
Correlation Evaluation - How Correlation Uses Local and Global Variables & Velocity Templates
Correlation Evaluation - Event Types
ESM Administration
ArcSight Theory
Import packages from ArcSight marketplace
Sysmon
Brute Force

OpenText ArcSight Data Platform is a SIEM platform that unifies data collection and log management of machine data for security intelligence. Micro Focus ArcSight Logger is a component of Micro Focus ArcSight Data Platform. In this course you will learn how to perform a successful ArcSight Software Logger installation from scratch, ingest replay events, and creating nice dashboards.

((Announcemt))

Significant expansion to the Course Circuilum on 23rd of August 2023

Renamed the course from "Micro Focus ArcSight Logger Hands-On" to "ArcSight Logger & ESM Hands-On" and added below 5 x extra sestions:

1) ESM Installation

2) ESM Console Demystified

3) ESM Hands-ON

4) ESM Administration

5) ArcSight Theory

The above 5 sections will cover the following lessons:

Import Brute Force package from ArcSight marketplace

Import Sysmon package from ArcSight marketplace

What is SIEM

ArcSight SIEM

ESM Enables Situational Awareness

ESM Anatomy

SmartConnectors

ArcSight Manager & CORR-EngineStorage

User Interfaces & Use Cases

Interactive Discovery & Pattern Discovery

ESM on an Appliance & Logger & ArcSight Solutions

Life Cycle of an Event Through ESM

Data Collection and Event Processing - Collect & Normalize Event Data

Data Collection and Event Processing - Apply Event Categories

Data Collection and Event Processing - Look up Customer and Zone in Network Model

Data Collection and Event Processing - Filter and Aggregate Events & Managing SmartConnector Configurations

Priority Evaluation and Network Model Lookup

Workflow

Correlation Evaluation - Correlation Overview & Filters & Rules

Correlation Evaluation - How Rules are Evaluated & How Rules Use Active & Session Lists

Correlation Evaluation - Data Monitors

Correlation Evaluation - How Correlation Uses Local and Global Variables & Velocity Templates

Correlation Evaluation - Event Types

Fixing Time of Log Source

Forgotten ESM Account Password and Disabled Account

Taught by

Hatem Metwally

Reviews

4.4 rating at Udemy based on 73 ratings

Start your review of ArcSight Logger & ESM Hands-On

Taught by

SolarWinds Security Event Manager (SIEM) Network Security

Fortinet FortiSIEM - A Step-by-Step BootCamp

Introduction to SIEM (Splunk)

Introduction to SIEM Tools

Microsoft Sentinel course with hands on sims for beginners

Configure SIEM security operations using Microsoft Sentinel

250 Top FREE Udemy Courses of All Time

250 Top Udemy Courses of All Time

Never Stop Learning.