This instructor-led course focuses on deploying the Elastic Stack in a security context, including how to implement its components (Elasticsearch, Kibana, Beats, and Logstash) and how to tune performance. You will start with an overview of the Elastic Stack and its core components, and from there build network security monitoring (NSM) sensors in a variety of configurations. By the end of the training, you will be able to build the Elastic Stack from the ground up to analyze the data sources from your network and various systems and paint a more complete security picture.
- Zeek install, operate, and maintain
- Zeek performance tuning
- Kafka install, operate, and maintain
- Passive operations and tapping
- CAPES install, operate, and maintain
- Elastic Stack install, operate, and maintain
- Suricata rule management and tuning
- Sensor troubleshooting
- Engineer capstone event
Security engineers who are responsible for installing, operating, and maintaining the Elastic Stack and network security monitoring platforms
10 Days | 8 hours per day
This course is only offered privately. Please contact your sales representative or email us at email@example.com to schedule a training.
There are no prerequisites for this course.
- An OpenSSH-compatible secure-shell client
- Mac, Linux, or Windows
- Stable internet connection (virtual classroom)
- Latest version of Chrome or Firefox (other browsers not supported)
- Disable any ad-blockers and restart your browser before class