Strengthen your SIEM: Using Logstash to Connect ArcSight to the Elastic Stack
As many of our users know, the Elastic Stack helps provide real-time insights into your data at massive scale.
With the release of Logstash 5.1, you can easily connect any device that emits the CEF data format to the Elastic Stack: the Logstash CEF codec parses the events, whether they arrive via files, Kafka or syslog. This session will provide a step-by-step guide to extending and complementing your existing ArcSight deployment with the Elastic Stack. Topics covered will include how to ingest CEF logs into the Elastic Stack using Logstash, visualising dashboards in Kibana, proactively monitoring security data in Elasticsearch using the X-Pack alerting features, and applying machine learning to identify potentially suspicious signatures.
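As an added illustration of the ingest path described above (this is example configuration written for this page, not the webinar's own material or an Elastic-supplied pipeline), the Logstash pipeline below accepts CEF events over TCP, lets the CEF codec split the header and extension fields, and writes the result to Elasticsearch. The port number, host address and index name are assumptions; the sample CEF line in the comment is constructed for illustration.

```logstash
# Example Logstash pipeline for ArcSight/CEF ingest (added example; values are assumptions).
#
# A forwarder pointed at this listener would send lines such as the constructed sample:
#   CEF:0|Vendor|Product|1.0|100|Login attempt|5|src=10.0.0.5 dst=10.0.0.9 suser=alice
# The cef codec splits the pipe-delimited header into cefVersion, deviceVendor,
# deviceProduct, deviceVersion, deviceEventClassId, name and severity, and the
# key=value extension into individual fields (src, dst, suser, ...).

input {
  tcp {
    port  => 5514        # assumed listening port for the CEF forwarder
    codec => cef         # parse each line as a CEF event
  }
}

filter {
  # The header severity arrives as a string; store it as a number so Kibana
  # and X-Pack alerting can compare and aggregate on it.
  mutate {
    convert => { "severity" => "integer" }
  }
}

output {
  elasticsearch {
    hosts => ["localhost:9200"]      # assumed Elasticsearch endpoint
    index => "cef-%{+YYYY.MM.dd}"    # assumed daily index name
  }
}
```

With this pipeline in place, the fields the codec produces can be used directly in Kibana visualisations and in alerting conditions (for example, a threshold on `severity` per `deviceEventClassId`).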
Support Engineer at Elastic, passionate about technology, with several years of experience working with SIEM solutions and big data technologies.
Nicholas Lim is a Consulting Architect with Elastic. He is passionate and experienced in the information security space, where he has spent over 10 years of his career developing, consulting, and implementing security solutions. Nicholas is currently Elastic's only Asia-based Consultant and lives in Sydney, Australia.