Logsign Unified Security Operations Platform

Logsign Unified Security Operations Platform - Fundamentals

Description
This course includes all the components required to manage Logsign, listed below:

Getting Started
• Logsign Unified Security Operations Platform Overview
• System Requirements
• EPS Calculator & Disk Planning
• Download and Installation
• Installation of Ubuntu 20.04 & Logsign
• How to View Host ID and License Information
• Identifying License Modules

Integration
• Collect and Analyze Event Information
• Data Collection Management
• Understanding Data Collection Types

Account and Views
• Overview of User Management
• Users
• Roles

Deployment
• Usage of User Credentials
• Managed Service Providers (MSS) Integration
• Demo Mode
• Usage of Custom Plugin Tool
• Understanding the need for a cluster
• Add and Synchronize Licenses
• Defining Identity for LDAP Auth.

Data Management
• Log source parser fallback
• Understanding Sign Settings Methods
• Offline Report Operations
• Validation of Signed data
• EPS Stats & Reading Graphics
• Offline Report Cluster Architecture - Management
• Leaf Mode
• Config Backup
• Data Policy Management Overview
• Data Backup
• Signed Logs
• Archived Logs
• Data Forwarding

Investigate
• Simple Search In Incident Management
• Artifact Overview
• Reviewing Alerts and Investigates
• Assigning user to an incident

System
• Network Interfaces
• Date & Time Settings
• System Update Via User Interface
• Logsign Standalone Server Power State Process
• Company Settings
• UI Permissions

Responses
• Mail Integration
• Understanding of Fully Automatic Response Technology with Action Rule
• Incident - Response - Send SMS
• Creating and Triggering New Respond Queries
• Taking action to an incident
• Incident Management - FortiGate Action
• Incident Management - Mail Action

Search Fundamentals
• Basic Search with Lucene
• Understanding aggregated data
• Filtering DNS traffic
• Ability to use all Lucene query techniques for search
• Set the time range of a search
• Add or remove result fields
• Manage Fieldsets
• Save search results in Mini Queries

Security Analytics
• Creating a New Category for Dashboard
• File Access Control Overview
• Dynamic Search Feature on Dashboards
• Grouped Report Type
• Grouped Plus Report Type
• Grouped Plus Histogram Report Type
• Histogram Report Type
• Table Report Type
• Nested Grouped Plus Report Type
• Map Report Type
• Correlator Report Type
• Compliance Reporting
• Schedule Reports Feature
• Predefined Dashboards Overview
• Choosing the right widgets for your log set(s)
• Threat Hunting Queries
• Health Monitoring and Maintenance with Dashboards

UEBA
• Defining and Managing Identity & Assets for UEBA
• Detecting and investigating insider threats with UEBA
• User and Entity Behavior Analytics (UEBA) Overview

Content
  • Getting Started
  • Logsign Unified Security Operations Platform Overview
  • System Requirements
  • EPS Calculator & Disk Planning
  • Download and Installation
  • Installation of Ubuntu 20.04 & Logsign
  • How to View Host ID and License Information
  • Identifying License Modules
  • Integration
  • Collect and Analyze Event Information
  • Data Collection Management
  • Understanding Data Collection Types
  • Account and Views
  • Overview of User Management
  • Users
  • Roles
  • Data Management
  • Log source parser fallback
  • Understanding Sign Settings Methods
  • Offline Report Operations
  • Validation of Signed data
  • EPS Stats & Reading Graphics
  • Offline Report Cluster Architecture - Management
  • Data Backup
  • Archived Logs
  • Leaf Mode
  • Config Backup
  • Data Policy Management Overview
  • Signed Logs
  • Data Forwarding
  • Deployment
  • Usage of User Credentials
  • Managed Service Providers (MSS) Integration
  • Demo Mode
  • Usage of Custom Plugin Tool
  • Understanding the need for a cluster
  • Add and Synchronize Licenses
  • Defining Identity for LDAP Auth.
  • Investigate
  • Simple Search In Incident Management
  • Artifact Overview
  • Reviewing Alerts and Investigates
  • Assigning user to an incident
  • System
  • Company Settings
  • Network Interfaces
  • Date & Time Settings
  • System Update Via User Interface
  • Logsign Standalone Server Power State Process
  • UI Permissions
  • Responses
  • Mail Integration
  • Understanding of Fully Automatic Response Technology with Action Rule
  • Incident - Response - Send SMS
  • Creating and Triggering New Respond Queries
  • Taking action to an incident
  • Incident Management - FortiGate Action
  • Incident Management - Mail Action
  • Search Fundamentals
  • Basic Search with Lucene
  • Understanding aggregated data
  • Filtering DNS traffic
  • Ability to use all Lucene query techniques for search
  • Set the time range of a search
  • Add or remove result fields
  • Manage Fieldsets
  • Save search results in Mini Queries
  • Security Analytics
  • Creating a New Category for Dashboard
  • File Access Control Overview
  • Dynamic Search Feature on Dashboards
  • Grouped Report Type
  • Grouped Plus Report Type
  • Grouped Plus Histogram Report Type
  • Histogram Report Type
  • Table Report Type
  • Nested Grouped Plus Report Type
  • Correlator Report Type
  • Compliance Reporting
  • Schedule Reports Feature
  • Predefined Dashboards Overview
  • Choosing the right widgets for your log set(s)
  • Health Monitoring and Maintenance with Dashboards
  • UEBA
  • Defining and Managing Identity & Assets for UEBA
  • Detecting and investigating insider threats with UEBA
  • User and Entity Behavior Analytics (UEBA) Overview
  • Logsign Unified Security Operations Platform - Fundamentals Test

Completion rules
  • All units must be completed
  • Leads to a certificate with a duration: 1 year