Getting Started with Endpoint Log Analysis

In this course on machine data, you will explore the details of the data that our electronic devices generate. This will be through the use of analysis techniques that will hone your skills to identify malicious activity in a simulated enterprise.
Course info
Level: Beginner
Updated: Sep 27, 2018
Duration: 1h 54m
Description

In today’s cybersecurity landscape, the threats are everywhere. Our environments can be compromised from too many attack vectors, both from inside of our network and outside of it. This makes monitoring operations extremely difficult to keep up with. As we include more and more technology within our infrastructure, the amount of machine data that we generate increases as well, and it’s this data that will help us determine malicious activity. In this course, Getting Started with Endpoint Log Analysis, you will learn the skills needed to be able to parse and analyze machine data. First, you will explore what machine data is. Next, you will learn how to inspect machine data, and recognize recon activity. Finally, you will discover how to analyze and search machine data, as well as learn to use machine data to track attacker activity. When you are finished with this course, you will have foundational knowledge about machine data and be able to assist in the continuous monitoring operations within your environment.

About the author

Joe is a Network Consulting Engineer and has worked in the IT industry since 2010. He has experience in teaching and mentoring IT professionals in both DoD environments and in the civilian sector, in both the networking and IT security fields.

More from the author
- Creating Workflow Actions in Splunk (Intermediate, 1h 10m, Aug 21, 2019)
- Generating Tailored Searches in Splunk (Intermediate, 1h 55m, May 30, 2019)
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Joe Abraham, and welcome to my course, Getting Started with Endpoint Log Analysis. I'm an IT security professional and consulting engineer with over eight years of experience in the networking and security realm, as well as an author here at Pluralsight. In today's cybersecurity landscape, the threats are everywhere. Our environments can be compromised from too many attack vectors, both from inside of our network and outside of it. As we include more and more technology within our infrastructure, the amount of machine data that we generate increases as well. In this course, we're going to make sure that you are ready to take on this machine data and add a couple of things to your ever-growing security toolbox. Some of the major topics that we will cover include what machine data is, how to inspect machine data, how to analyze this machine data, and how to efficiently parse machine data. By the end of this course, you'll be able to participate in the filtering and analysis of the data in continuous monitoring operations. Before beginning this course, you should be familiar with general IT terminology and security threats to our environments, and maybe have taken some other courses within the security event triage skill path. From here, you should feel comfortable diving into more advanced courses in the security event triage skill path such as Detecting Network Anomalies with Behavioral Analysis and Detecting Systems Anomalies. I hope you'll join me on this journey to learn all about machine data with the Getting Started with Endpoint Log Analysis course, at Pluralsight.