Elastic Security Analytics

Course Summary

This instructor-led course is designed for analysts who currently use, or are interested in using, the Elastic Stack for security event collection and analytics. You will start with an overview of the Elastic Stack, exploring basic Elasticsearch architecture as well as ingest methods using Beats and Logstash. Then you will take an in-depth look at the various components of Kibana, including how to discover anomalies, build visualizations and dashboards, and work with multiple data sources. As you complete each module, you will apply what you’ve learned to a hands-on security scenario that develops throughout the course. By the end of the training, you will be able to use the Elastic Stack to analyze the data sources from your network and various systems in order to paint a more complete security picture.

  • Introduction to the Elastic Stack
  • Elasticsearch Architecture
  • Data Ingestion
  • Kibana Overview
  • Bro Data Overview
  • Host Data Overview
  • Guided Analysis of Security Data

Course Details

Security analysts who are researching, building, or leveraging search and analytics solutions using the Elastic Stack

3 Days | 8 hours per day

This course is only offered privately. Please contact your sales representative or email us at sales@elastic.co to schedule a training.

No prior knowledge of the Elastic Stack required

  • Stable internet connection
  • Mac, Linux, or Windows
  • A modern web browser

It was awesome. Both instructors are great speakers. They have a wide and deep knowledge about the topic, and they know how to pass it on. They are infecting with their enthusiasm.

Mariusz Kuskowski | Allegro Group