- Course
Analyze Network Event Activity Data with Elasticsearch
As our infrastructures grow, the quality of our data from these devices is becoming critical to cyber operations. This course will teach you how to ingest and use network event and telemetry data for threat hunting operations.
Intermediate
- Course
Analyze Network Event Activity Data with Elasticsearch
As our infrastructures grow, the quality of our data from these devices is becoming critical to cyber operations. This course will teach you how to ingest and use network event and telemetry data for threat hunting operations.
Intermediate
Get started today
Access this course and other top-rated tech content with one of our business plans.
Try this course for free
Access this course and other top-rated tech content with one of our individual plans.
This course is included in the libraries shown below:
- Security
What you'll learn
In today’s cybersecurity landscape, threats are everywhere. Our telemetry and network event data quality is important to detecting, responding to, and mitigating those threats. Elasticsearch can help ease the burden of sifting through the large amounts of data that we collect. In this course, Analyze Network Event Activity Data with Elasticsearch, you’ll learn to ingest network event and telemetry data, and use it to find threats. First, you’ll explore how to ingest security device logs and Netflow, and use it to find potential threats. Next, you’ll discover how to use application data to detect anomalies and interesting behavior. Finally, you’ll learn how to correlate the data between the various sources to identify threats. When you’re finished with this course, you’ll have the skills and knowledge of Elasticsearch needed to effectively use the data being collected for cyber operations.
Analyze Network Event Activity Data with Elasticsearch
Intermediate
Joe is a Network Consulting Engineer and has worked in the IT industry since 2010. He has experience in teaching and mentoring IT professionals in both DoD environments and in the civilian sector, in both the networking and IT security fields.