LAB

Log Analysis: Using a SIEM

In this lab, you’ll practice how to ingest and use logs from multiple sources using a SIEM. When you’re finished, you’ll have the ability to process your own log data using open source tools..

* Our Labs are Available for Enterprise and Professional plans only.
Terms and conditions apply.

Contact sales

Lab info

Rating (20)

Level

Beginner

Duration

50m

Released

Oct 07, 2022

Lab author

Joe Abraham

Joe Abraham, CCIE #62417, is a Network Security Consultant working in the public sector space, assisting customers develop and implement functional and secure network architectures. He graduated from Excelsior College with an M.S. in Cybersecurity and a B.S. in Information Technology (Network Management). He currently holds many IT certifications to include CCIE, CISSP, GSEC, and CCNP Security. He is also a member of the GIAC Advisory Board. Joe is a mentor to IT professionals and a blogger who ... more

Challenge

Getting Started in the Lab Environment

Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!

Challenge

Ingest Log Data with a SIEM

During this challenge, you will learn how to ingest logs into the SIEM within the virtual environment. You’ll start by exploring the Elastic Stack Components within Security Onion, and will learn how to modify the configurations to ingest new data. You’ll then validate the data in the Security Onion instance of Kibana, and become acclimated with the web UI.

Challenge

Search and Use Log Data with a SIEM

During this challenge, you will verify additional log sources for the SIEM, and explore additional ones to add from within the system. You’ll start out by ensuring that multiple sources of log data are being ingested, and configure any corresponding inputs, then add additional logs from the Security Onion system. Then, you will validate the data, and practice searching and using it within Kibana. You will also explore some of the prebuilt dashboards and visualizations for this data from Security Onion.

Challenge

The Last Challenge

Welcome to the final challenge! This is your last chance to experiment in the environment. Clicking Finish Lab will end this little world that flittered into existence just for you.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.

Recommended prerequisites

Basic Linux Knowledge

Ready to skill up
your entire team?

Subscriptions

Continue to checkout Continue to checkout

Cancel

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Access thousands of videos to develop critical skills
Give up to 10 users access to thousands of video courses
Practice and apply skills with interactive courses and projects
See skills, usage, and trend data for your teams
Prepare for certifications with industry-leading practice exams
Measure proficiency across skills and roles
Align learning to your goals with paths and channels

Ready to skill up
your entire team?

Subscriptions

Continue to checkout

Cancel

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Access thousands of videos to develop critical skills
Give up to 10 users access to thousands of video courses
Practice and apply skills with interactive courses and projects
See skills, usage, and trend data for your teams
Prepare for certifications with industry-leading practice exams
Measure proficiency across skills and roles
Align learning to your goals with paths and channels

Contact Sales

Log Analysis: Using a SIEM

Lab info