On-demand webinar

Integrating custom logs with ECS for Elastic SIEM

Hosted by

Dain Perkins

Product Marketing Engineer, Security

Elastic

Overview

With no shortage of new vendors, logs, and updated reporting and alerting formats, there’s bound to come a time when you need to convert a new stream into Elastic Common Schema to get the most out of your Elastic SIEM.

Join us for a one-hour deep dive into the clean, organized belly of the Elastic Common Schema. We’ll show you how to better understand the SIEM app and we’ll walk through converting new formats to the Elastic Common Schema — enabling all of your logs to work with the SIEM app.

Highlights:

  • Review Elastic Common Schema (ECS) organization
  • Understand how ECS relates to logs and event sources
  • Review how the Elastic SIEM app leverages ECS
  • Dive into the conversion process with a live integration of new logs
