Simple play icon Course
Skills Expanded

Parsing and Correlating Logs with syslog-ng

by Joe Abraham

syslog-ng gives you a great open source tool for centralized log collection, parsing, and correlation. This course will teach you about this tool and how to configure and use it within your network to suit your needs.

What you'll learn

syslog-ng is a log collection tool that can ship, parse, correlate, and rewrite the logs it receives, enabling organizations to offload the SIEM resources that are dedicated to these activities, which can help normalize traffic. Learning how to configure, use, and customize this tool will help you manage your logging infrastructure effectively. In this course, Parsing and Correlating Logs with syslog-ng, you will learn all about this tool and how it functions, as well as how to use it. First, you will explore the tool, its purpose, and syslog as a protocol. Next, you will see how to configure it in your environment, and dive deep into parsing with syslog-ng. Finally, you will discover how to correlate with it. When you are finished with this course, you will have a full understanding of syslog-ng and be able to establish and maintain a strong logging infrastructure.

About the author

Joe Abraham, CCIE #62417, is a Cybersecurity Architect working in the public sector space, assisting customers develop and implement functional and secure network architectures. He graduated from Excelsior College with an M.S. in Cybersecurity and a B.S. in Information Technology (Network Management). He currently holds many IT certifications to include CCIE, CISSP, GSEC, and CCNP Security. Joe is a mentor to IT professionals and a blogger who spends his time either with his wife and three child... more

Ready to upskill? Get started