English | Size: 2.69 GB
Genre: eLearning
Complete step by step Core Administration tasks of daily operations
What you’ll learn
USE THE FOLLOWING CODE TO GET A 20% DISCOUNT: FFCA537E5F1195111EA6
1 – Course Introduction
2 – LogRhythm Architecture Overview
2.1 – What Is LogRhythm SIEM?
2.2 – LogRhythm Components Overview.
2.3 – LogRhythm Workflow and Log Life.
3 – LogRhythm Data Management
3.1 – LogRhythm Classifications.
3.2 – LogRhythm Common Events and Metadata.
3.3 – LogRhythm Data Storage Architecture.
4 – Client Console and Web Console Overview
4.1 – Walkthrough of Client Console.
4.2 – Walkthrough of Web Console.
5 – Entities Management
5.1 – Entity Overview and Entity Creation.
5.2 – Network Record Creation and Management
5.3 – Host Record Creation and Management.
6 – List Management
6.1 – List Overview and List Permissions.
6.2 – List Creation.
6.3 – Retiring and Expiring List.
7 – Knowledge Base Management
7.1 – Knowledge Base Overview.
7.2 – Understanding and Enabling KB Modules.
8 – User’s Profiles
8.1 – User Records & Profile Management.
8.2 – User and Profile Creation.
8.3 – User Security, Person and Role records.
8.4 – Entities & Permission.
8.5 – Types of User Ownership
9 – System Settings
9.1 – Global Risk Base Priority and RBP Calculator.
9.2 – Global Settings and Data management.
9.3 – Active Directory Synchronization.
9.4 – LogRhythm True Identity for Active Directory.
9.5 – Component Log Levels.
9.6 – Service accounts and Archive Path.
10 – Data Masking
10.1 – Data Masking Overview.
10.2 – Scenarios to Apply Data Masking.
10.3 – How to Apply Data Masking.
11 – Global Log Processing Rules
11.1 – GLPR Overview.
11.2 – Scenarios to Apply GLPR.
11.3 – How to create GLPR.
12 – Client Console Investigation
12.1 – Searching Logs in Client Console.
12.2 – How to Create Graph in Investigation.
12.3 – Search Realtime Logs with tail.
12.4 – Personal Dashboard in Client Console
13 – Report Center
13.1 – Report Template Creation.
13.2 – Report Types and creation.
13.3 – Report Package Creation.
13.4 – Schedule Report Package in Report Manager.
13.5 – LogRhythm Reporting with Grafana.
14 – Second Look Wizard
14.1 – Second Look Overview.
14.2 – Restore Logs with Second Look Wizard.
14.3 – LogRhythm Archive Utility.
15 – System Monitor
15.1 – System Monitor Types.
15.2 – Deployment of System Monitor Agent.
15.3 – Advance Configuration of System Monitor
15.4 – Smart Response Initiation from System Monitor
16 – Log Sources
16.1 – Default Supported Log Sources Overview
16.2 – Log Source Integration and Configuration.
16.3 – Bulk Log Source Adding.
16.4 – Log Source Virtualization.
17 – Advance Intelligence Engine
17.1 – AIE Overview and Common Configuration.
17.2 – Types of Rule Blocks.
17.3 – Use Case Creation.
17.4 – Adding Smart Response in AIE Use Case.
18 – Alarm Rules
18.1 – Alarm Rules Overview.
18.2 – Difference between AIE Rules and Alarm Rules.
18.3 – Enabling the Alarm rules.
19 – Custom Dashboard Creation
19.1 – Step-by-Step Custom dashboard creation.
19.2 – Widget types and tuning.
19.3 – Lucene Search to filter data in Dashboard.
20 – Alarm Management
20.1 – Alarm Grid View.
20.2 – Handling Alarms with Status.
20.3 – Link Multiple Alarms.
21 – Case Management
21.1 – Case Creation and Collaboration.
21.2 – Adding Evidences in Case.
21.3 – Case priority, status and workflow.
21.4 – Case Resolution
22 – Database Management
22.1 – How to create database backup job.
22.2 – How to create database cleanup job.
23 – Threat Intelligence
23.1 – Installation and Overview of Threat Intelligence.
23.2 – Enabling Threat Modules.
23.3 – Associate modules with Lists.
24 – Configuration Assessment and Health Check
24.1 – Integrated Log sources Assessment and Health Check.
24.2 – MPE Rules Assessment and Health Check.
24.3 – AIE Rules Assessment and Health Check.
24.4 – LogRhythm Diagnostic tool.
Hello everyone and welcome to the LogRhythm Central Administration Course. I am glad you are here and I am glad you have enrolled.
My name is Adeel and I am a Cyber Security Engineer with more than 10 years of experience. I will be your instructor on this course.
If you are new to LogRhythm & you have never used LogRhythm before so this is the perfect course for you. I am assuming that you have no prior knowledge of LogRhythm Administration and by the time you are done with this course, you are going to have a very good understanding of LogRhythm Administration and you will have expertise in LogRhythm Administration.
My goal in this course is to help you in understanding LogRhythm Architecture and step by step performing Administration task of LogRhythm SIEM.
This is the course I wish had existed when I was first starting LogRhythm Deployment and Administration.
This is not going to be just a quick how to get up and run. I really want to make sure to perform all the administrative tasks which will help you in your daily routine.
I want to take a few minutes and I want to walk through to the curriculum because I need you to understand what you are going to learn before you jump into the course material.
Let’s go ahead and take a look at that right now.
This course is broken up into 23 main sections and.
Number one is LogRhythm Architecture Overview: In this section we will see what is LogRhythm SIEM. How Many components LogRhythm have. Also, we will see the workflow and life of log in LogRhythm.
Number two is Data Management: In this section we will talk about LogRhythm classifications, common events and metadata. Also, we will see the LogRhythm data storage Architecture.
Number three is Client console and web console: In this section we will perform a complete overview of client and web console and will have full understanding of client console and web console.
Number four is Entities Management: In this section we will talk about LogRhythm entities and types. We will create entities and add network and host records in it. Also, we will create bulk entities by csv file.
Number five is List management: in this section we will talk about list management in detail. We will create a list and also, we will retire and expire the list.
Number six is Knowledge base management: in this section we will see the knowledge base architecture and also how to enable modules in knowledge base.
Number seven is User’s Profiles: In this section we will talk about user records and profile management. We will create users and roles. We will assign permissions to created users and limit them to entities.
Number eight is System settings: in this section we will check the global risk base priority. How it works and also, we will see the RBP calculator.
We will see the global settings and data management. We will perform active directory synchronization. We will use true identity tool to fetch users and groups data from active directory which helps in identifying users easily.
we will change the component logging levels. And we will see service account and archive path.
Number nine is data masking: in this section we will see what data masking is and how it works. We will apply data masking on live logs and also, we will talk about scenarios in which data masking must be applied.
Number ten is global log processing rules (GLPR): In this section we will see what is GLPR. Why do we need GLPR and how to create GLPR.
Number 11 is client console investigation: in this section we will see how to investigate logs in client console. How to create graphs on investigated logs in client console. How to use tail to see Realtime logs and how to create personal dashboard in client console.
Number 12 is the Report center: in this section we will talk about report templates and report types. We will create a sample report on logs data. We will create a report package and we will see how to schedule a report package. Also, we will see how to get reports with Grafana.
Number 13 is Second Look Wizard: in this section we will see how to restore logs with the help of Second Look Wizard. Also, we will restore logs with the help of LogRhythm archive utility. This is a very powerful utility to restore logs. I will show you how it works.
Number 14 is System Monitor: in this section we will talk about types of system monitor agents. We will see how to deploy it and how to perform advanced configuration of the system monitor. Also, we will initiate smart responses with the help of system monitor agents.
Number 15 is Log Source: in this section we will have a complete overview of LogRhythm supported log sources. We will integrate some log sources with LogRhythm like windows, Linux, web server and database. We will also see the method of bulk log source integration by which you can integrate hundreds of log sources in one go. Then we will talk about log source virtualization and see how it works.
Number 16 is Advance Intelligence engine: in this section we will have a complete overview of AI engine and its common configurations. We will talk about rule block types. We will create new use cases and also modify some existing use cases. We will also execute smart responses from AI engine.
Number 17 is Alarm Rules: in this section we will have a complete overview of alarm rules. We will see the difference between alarm rules and ai engine rules. We will also enable some alarm rules and test it.
Number 18 is Custom dashboard creation: in this section we will create custom dashboard and add multiple widgets in it then we will modify that widget according to our requirement. Also, we will get help from Lucene query to customize the widgets and dashboard.
Number 19 is alarm management: in this section we will see how to manage alarms and how to investigate the alarm and also how to link multiple alarms in one view.
Number 20 is case management: in this section we will talk about case management. How to create a new case and how to add collaborator in case. How to set case priorities and how to check the status and work flow. Also, we will talk about case resolution.
Number 21 is database management: In this section we will see how to create LogRhythm database backup job and also how to set up database cleanup job.
Number 22 is Threat intelligence: in this section we will install threat intelligence tools and configure it. We will enable the threat intelligence module after installation and then we will associate it with the lists.
Number 23 is Configuration assessment and Health check: in this section we will perform complete assessment and health check of LogRhythm integrated Log sources, MPE Rules and AI engine. We will also use LogRhythm diagnostic tool to check the health status of LogRhythm Components.
Who this course is for:
System Administrators
LogRhythm Administrators
LogRhythm Analysts
SOC Engineers
Fresh Students who want to learn LogRhythm
rapidgator.net/file/05e7047cec7353b13253cc76ee86ec80/LogRhythm-Central-Administration-Novice-to-Professional.part1.rar.html
rapidgator.net/file/fac42a1d83aa1c9abc15bb7c93a52612/LogRhythm-Central-Administration-Novice-to-Professional.part2.rar.html
rapidgator.net/file/a14e7eb2336aceabec94f53259294a47/LogRhythm-Central-Administration-Novice-to-Professional.part3.rar.html
rapidgator.net/file/0a8d9cb982eb5a4bc35350b181af9edc/LogRhythm-Central-Administration-Novice-to-Professional.part4.rar.html
rapidgator.net/file/3943398ac4ad28c9e84fdeb58bbc09d6/LogRhythm-Central-Administration-Novice-to-Professional.part5.rar.html
rapidgator.net/file/2a0c18dbeeed2b7d83d3630285b9b21b/LogRhythm-Central-Administration-Novice-to-Professional.part6.rar.html
rapidgator.net/file/fdb6ff2589be3019e5a97282e57c3ad1/LogRhythm-Central-Administration-Novice-to-Professional.part7.rar.html
nitroflare.com/view/42D0C9A7296C732/LogRhythm-Central-Administration-Novice-to-Professional.part1.rar
nitroflare.com/view/844786613374787/LogRhythm-Central-Administration-Novice-to-Professional.part2.rar
nitroflare.com/view/2BABCC3AEE5E569/LogRhythm-Central-Administration-Novice-to-Professional.part3.rar
nitroflare.com/view/EFCF738FF59D7D2/LogRhythm-Central-Administration-Novice-to-Professional.part4.rar
nitroflare.com/view/2C4B8B1A03C837F/LogRhythm-Central-Administration-Novice-to-Professional.part5.rar
nitroflare.com/view/CC65FEAF056E790/LogRhythm-Central-Administration-Novice-to-Professional.part6.rar
nitroflare.com/view/F744B22C9E0D224/LogRhythm-Central-Administration-Novice-to-Professional.part7.rar
If any links die or problem unrar, send request to
forms.gle/e557HbjJ5vatekDV9