Parsing and Correlating Logs with syslog-ng

syslog-ng gives you a great open source tool for centralized log collection, parsing, and correlation. This course will teach you about this tool and how to configure and use it within your network to suit your needs.
Course info
Level: Intermediate
Updated: Feb 3, 2020
Duration: 1h 39m
Description

syslog-ng is a log collection tool that can ship, parse, correlate, and rewrite the logs it receives. Doing this work before logs reach the SIEM offloads the SIEM resources otherwise dedicated to these activities and helps normalize the log traffic it receives. Learning how to configure, use, and customize this tool will help you manage your logging infrastructure effectively. In this course, Parsing and Correlating Logs with syslog-ng, you will learn all about this tool, how it functions, and how to use it. First, you will explore the tool, its purpose, and syslog as a protocol. Next, you will see how to configure it in your environment and dive deep into parsing with syslog-ng. Finally, you will discover how to correlate events with it. When you are finished with this course, you will have a full understanding of syslog-ng and be able to establish and maintain a strong logging infrastructure.

About the author

Joe is a Network Consulting Engineer and has worked in the IT industry since 2010. He has experience in teaching and mentoring IT professionals in both DoD environments and in the civilian sector, in both the networking and IT security fields.

More from the author
- Cisco CyberOps: Security Monitoring (Intermediate, 1h 59m, Aug 5, 2020)
- Cisco CyberOps: Exploring Security Concepts (Intermediate, 1h 37m, May 29, 2020)
Section Introduction Transcripts

Course Overview
Hi, everyone. My name's Joe Abraham, and welcome to my course, Parsing and Correlating Logs with syslog-ng. I'm currently a network security consultant and a Pluralsight course author with courses in the IT operations and security domains. Do you want to learn about a great log collection tool that gives you the ability to parse and correlate your data before it hits your SIEM? Do you need to normalize your data but don't know where to start? Well, in this course, we're going to help with that. I'll help you learn all about syslog-ng and how you can use it to parse, correlate, and normalize your machine data on a centralized server. Some of the major topics that we'll cover include learning about and configuring syslog-ng, parsing logs with syslog-ng, and correlating logs with syslog-ng. By the end of this course, you'll know how to ingest many different data formats into syslog-ng, how to parse them and convert them to the syslog standard, and how to correlate events. Before beginning the course, you should be familiar with basic IT terminology and have a desire to learn more about centralized logging. Knowledge of machine data would help out as well. From here, you should feel comfortable diving further into syslog-ng and more advanced parsing and filtering with it, as well as learning more about both machine data and the uses of it through courses on security event triage and analyzing machine data in Splunk. I hope you'll join me on this journey to learn more about syslog-ng with the Parsing and Correlating Logs with syslog-ng course at Pluralsight.