SlideShare une entreprise Scribd logo

LogRhythm Training Syllabus Data Sheet

J
jordagro
Technologie
1  sur  11
Télécharger pour lire hors ligne
LogRhythm v5.1 Training Syllabus This document addresses LogRhythm Classroom-based (Section 1) and Web-based Training (Section 2) Section 1: LogRhythm Classroom-based Training Certifications LogRhythm certifications are available on completion of the following: Course 1 Certified LogRhythm End User and Administrator Course 1 is comprised of the following days of training: Day 1 – Basic End User Days 2 and 3 – Deployment and Administration and Advanced End User Successful completion of associated training exercises Who Should Attend Course 1 is designed for systems administrators, managers, engineers, and other LogRhythm end users who are responsible for system administrative management. Course 2 Certified LogRhythm Rule Developer Course 2 is comprised of the following days of training: Days 4 and 5 – Rule Development Successful completion of associated training exercises Who Should Attend Course 2 is designed for systems administrators and engineers who are supporting custom applications or need to do advanced customization and tuning of their LogRhythm deployment. It is recommended that students attending this course have completed Course 1 and have experience using regular expressions. Course 3 Two Day On-Site Certified LogRhythm End User and Administrator Course 3 is comprised of the following days of training: Day 1 – Basic End User and Advanced End User Training Day 2 – Advanced End User and Administration Who Should Attend Course 3 is designed for systems administrators, managers, engineers, and other LogRhythm end users who are responsible for system administrative management. Courses 1 and 2 may be taken consecutively or separately. Copyright 2010 LogRhythm, Inc. Page 1 of 11
Course 1: Classroom-based End-User and Administrator Training Course 1 consists of three modules: • End-User Training • Advanced End-User • Deployment and Administration End-User Training introduces you to the data access and analysis front end of the LogRhythm solution. You are introduced to the LogRhythm Console and receive instructions on how to customize for your needs. Advanced End-User Training instructs you on how to use advanced methods for log and event analysis. Deployment and Administration instructs you in the administration aspects of the LogRhythm enterprise system to ensure successful and on-going operations. Day One: Basic End-User Training Welcome Orientation and Overview You receive a brief introduction to the facility, area, accommodations, each other, eating arrangements, and a plan for the days ahead. When the class begins, you will receive instructions on how to log into the training environment for hands-on examples and exercises. LogRhythm Overview and Architecture Provides you with the pre-requisite foundation for all other training — an overview of LogRhythm Log and Event Management and basic knowledge of: • LogRhythm terminology • LogRhythm log data hierarchy • LogRhythm logical objects • LogRhythm Knowledge Base • LogRhythm Solution Architecture Analysis and Reporting Provides you with a working knowledge of: • The LogRhythm Dashboard Real-time monitoring and analysis of events and alarms • The LogRhythm Investigator Historic/forensic log and event data analysis Copyright 2010 LogRhythm, Inc. Page 2 of 11
• The LogRhythm Tail Utility Real-time access to raw log data • The LogRhythm Quick Search Toolbar • The LogRhythm Report Center Configuration and generation of reports for compliance, security, and operations Day 1 modules will include instructor-guided, interactive exercises. Days Two and Three: Deployment and Administration and Advanced End-User Training The LogRhythm Deployment, Administration, and Advanced End-User curriculum instructs you in how to use advanced methods for log and event analysis. Topics to be covered include: • Log Source Lists and their use as filters for all data access and analysis functions • Personal Alarms and their use in real-time monitoring • Alarm and Incident Management • Report Templates and how to generating custom reports Deployment and Administration Items to be covered include: 1. Deployment Management • Managing LogRhythm Logical objects o Entities, Networks, and Hosts o Log Managers o Agents o Log Sources o Message Processing Engine Policies o Alarm Rules o People and Users • Common Deployment tasks o Adding Entities, Networks, and Hosts o Deploying a Log Manager o Deploying an Agent o Working with the Job Manager 2. Configuring LogRhythm Agents for Log Collection • Enabling Global Data Management and Global Log Processing Rules • Collecting Windows Event Logs • Collecting Flat File Logs • Collecting Syslog • Collecting Netflow Copyright 2010 LogRhythm, Inc. Page 3 of 11
• Collecting Checkpoint Firewall Logs • Collecting Database data with the Universal Database Log Adapter (UDLA) • Enabling Data Loss Defender (DLD) • Enabling File Integrity Monitor (FIM) 3. Configuring Message Processing Engine Policies • Data retention and archive settings • Log processing and deduplication • Event forwarding • LogMart forwarding • Understanding Risk-Based Prioritization (RBP) 4. Security Administration • Understanding LogRhythm Security Roles • Managing LogRhythm Users • Managing Active Directory Synchronization • Managing Restricted Analysts 5. Configuring and Managing Alarms • Alarm rule administration • Notification administration 6. Archive Restoration 7. Performance Monitoring and Troubleshooting • LogRhythm Diagnostic Events and Alarms • Silent Log Source Detection • LogRhythm Performance Counters Advanced End User Items to be covered include: 1. Configuring and Using Log Source Lists 2. Creating and Managing Saved Investigations 3. Creating and Managing Custom Reports 4. Creating and Managing Scheduled Reports 5. Creating and Managing Global and Personal Alarm Rules Day 2 and 3 modules will include instructor guided interactive exercises. Copyright 2010 LogRhythm, Inc. Page 4 of 11
Course 2: Classroom-based Rule Development Training Days Four and Five (when combined with Course 1): Rule Development LogRhythm Message Processing Engine (MPE) Rule Development The Class is designed systems administrators and engineers who are supporting custom applications or need to do advanced customization and tuning of their LogRhythm deployment. It is recommended students attending the class have some experience with LogRhythm and a basic knowledge of Regular Expressions (regex). LogRhythm is a highly flexible and open system that provides the means for you to develop custom rules to meet your organizational data collection and processing demands. Students will learn all aspects of rule development. They will leave the course with the knowledge and tools required to integrate custom logging devices into LogRhythm and customize LogRhythm’s support for commercial logging devices. This hands-on course will cover items including: • Introduction to Regular Expressions • Rule Function • Rule Definition • Parsing and Attributes • Rule Builder Tool • Tags (Usage, Parsing, Mapping) • Base Rules versus Sub Rules • Naming and Classification Advanced Alarm Rule Development Alarm Rules enable automatic detection and notification of specific activity. LogRhythm includes an extremely powerful and flexible system for creating a wide variety of Alarm Rules. This module provides extensive hands training in the development of sophisticated Alarm Rules for detecting activity in support of compliance, security, and operations objectives. • Overview of the Alarm Rule Processing Engine • Alarm Thresholds, Grouping, and Suppression • Log Source Criteria • Event Criteria • Day and Time Criteria • Advanced Notification Options • Alarm Rule Sharing and Security Day 4 and 5 modules include interactive instructor guided rule development exercises. Copyright 2010 LogRhythm, Inc. Page 5 of 11
Course 3: Classroom-based On-Site End-User and Administrator Training Course 3 consists of three modules: • End-User Training • Advanced End-User • Administration End-User Training introduces you to the data access and analysis front end of the LogRhythm solution. You are introduced to the LogRhythm Console and receive instructions on how to customize for your needs. Advanced End-User Training instructs you on how to use advanced methods for log and event analysis. Administration instructs you in the administration aspects of the LogRhythm enterprise system to ensure successful and on-going operations. Day One: Basic End-User Training LogRhythm Overview and Architecture Provides you with the pre-requisite foundation for all other training — an overview of LogRhythm Log and Event Management and basic knowledge of: • LogRhythm terminology • LogRhythm log data hierarchy • LogRhythm logical objects • LogRhythm Knowledge Base • LogRhythm Solution Architecture Analysis and Reporting Provides you with a working knowledge of: • The LogRhythm Dashboard Real-time monitoring and analysis of events and alarms • The LogRhythm Investigator Historic/forensic log and event data analysis • The LogRhythm Tail Utility Real-time access to raw log data • The LogRhythm Quick Search Toolbar • The LogRhythm Report Center Configuration and generation of reports for compliance, security, and operations Copyright 2010 LogRhythm, Inc. Page 6 of 11
Day Two: Administration and Advanced End-User Training The LogRhythm Deployment, Administration, and Advanced End-User curriculum instructs you in how to use advanced methods for log and event analysis. Topics to be covered include: • Log Source Lists and their use as filters for all data access and analysis functions • Personal Alarms and their use in real-time monitoring • Alarm and Incident Management • Report Templates and how to generating custom reports Advanced End User and Administration Items to be covered include: 8. Configuring LogRhythm Agents for Log Collection • Enabling Global Data Management and Global Log Processing Rules • Collecting Windows Event Logs • Collecting Flat File Logs • Collecting Syslog • Collecting Netflow • Collecting Checkpoint Firewall Logs • Collecting Database data with the Universal Database Log Adapter (UDLA) • Enabling Data Loss Defender (DLD) • Enabling File Integrity Monitor (FIM) 9. Configuring Message Processing Engine Policies • Data retention and archive settings • Log processing and deduplication • Event forwarding • LogMart forwarding • Understanding Risk-Based Prioritization (RBP) 10. Security Administration • Understanding LogRhythm Security Roles • Managing LogRhythm Users • Managing Active Directory Synchronization • Managing Restricted Analysts 11. Configuring and Managing Alarms • Alarm rule administration • Notification administration • Creating and Managing Global and Personal Alarm Rules Copyright 2010 LogRhythm, Inc. Page 7 of 11
12. Archive Restoration 13. Performance Monitoring and Troubleshooting • LogRhythm Diagnostic Events and Alarms • Silent Log Source Detection • LogRhythm Performance Counters Advanced End User Items to be covered include: 1. Configuring and Using Log Source Lists 2. Creating and Managing Saved Investigations 3. Creating and Managing Custom Reports 4. Creating and Managing Scheduled Reports 5. Creating and Managing Global and Personal Alarm Rules Copyright 2010 LogRhythm, Inc. Page 8 of 11
LogRhythm 5.1 Web-based Training Web-based training is delivered from the LogRhythm Learning Center. The classes are videos downloaded/streamed from the web. We recommend that all users take advantage of this training. There are two ways to leverage LogRhythm web-based training: 1) Self-Service: Customers may access the LogRhythm Learning Center and its growing list of online courses via the LogRhythm Support site (with a valid login). 2) Instructor-led –A Certified LogRhythm Trainer introduces/runs the videos and monitors the class to answer chat-style questions during the videos. A question and answer period is provided between Modules. During the Q&A period the instructor can provide answers to specific questions or perform additional demonstrations. Instructor-led courses are can be scheduled based on demand/availability. For Q3 2010 we will run the first course, Searching in LogRhythm, at 1000 MST on the first Friday of each month. For appropriate quality, please ensure you leverage a high speed (DSL minimum) connection. The video portion of each course is planned to be a total of 1-2 hours in length depending on the topic addressed. The course is divided into 4-5 modules of approximately 10 to 25 minutes each. The instructor-led classes are planned to be 1 hour longer than the self-service video classes. The first course was launched in July 2010 and additional courses can be expected roughly once per quarter (Reporting and Alarming are the next planned courses). One course is currently available: Course 1 Searching in LogRhythm - In this course you will learn: LogRhythm’s approach to turn incoming log data into searchable information, to organize an efficient search, the tool (Search Wizard) to build a search, and common approaches to working with Search Results. In addition there will be solid examples and scenarios to reinforce the learning. Copyright 2010 LogRhythm, Inc. Page 9 of 11
Course 1 is comprised of 5 Modules: Module 1: Anatomy of a Log - In this module you will learn how LogRhythm makes sense of incoming log messages and turns the mountains of log data into meaningful information. Understanding how LogRhythm handles logs is a critical building block for anyone looking to search their LogRhythm Deployment. Module 2: Anatomy of a Search – In this module you will learn the how LogRhythm Search works. Just as understanding how LogRhythm handles logs is a first building block, understanding how LogRhythm Search works is a critical second step in efficiently organizing a search in your LogRhythm Deployment. Module 3: Search Wizard – In this module you will learn how to construct a search using the LogRhythm Search Wizard. Building on the concepts and examples in the first two modules you will be able to efficiently construct a search. Module 4: Working with Search Results – In this module you will learn common approaches to working with Search Results, including common tools with examples. Module 5: Specific Examples and Scenarios - In this module you will be exposed to additional examples and scenarios that are typical for many LogRhythm Deployments. This is focused, task oriented examples that describe real world questions our Professional Services Engineers often must address. Who Should Attend Any end user that wishes to understand search and the options available within LogRhythm Copyright 2010 LogRhythm, Inc. Page 10 of 11
LogRhythm Training Pricing Training Courses – Outline Classroom-based Training Course 1 - End User and Administration (3 days) $ 3600 per seat Available via Boulder Classroom setting only Course 2 - Rule Development (2 days) $ 3000 per seat Available via Boulder Classroom setting only Course 3 – End User and Administration (2 days) $ 12,000 up to 10 seats Maximum of 10 Seats, available On-Site via classroom setting only Course 1 and Course 2 - Purchased together (5 days) $ 5000 per seat *Certification training is available via Boulder classroom setting only at a Boulder area facility. Web-based Training Self Service Free for 2010 Available via LogRhythm Support Portal Instructor Led courses (2-3 hours per course) $ 250 per seat Available to schedule on request – Instructor runs video sessions and is available for Chat during videos and Q&A/additional instruction between videos Copyright 2010 LogRhythm, Inc. Page 11 of 11

Recommandé

LogRhythm Appliance Data Sheet
LogRhythm Appliance Data SheetLogRhythm Appliance Data Sheet
LogRhythm Appliance Data Sheet
jordagro
 
LogRhythm Overview Data Sheet
LogRhythm Overview Data SheetLogRhythm Overview Data Sheet
LogRhythm Overview Data Sheet
jordagro
 
LogRhythm Advanced Agent Data Sheet
LogRhythm Advanced Agent Data SheetLogRhythm Advanced Agent Data Sheet
LogRhythm Advanced Agent Data Sheet
jordagro
 
Rtos
RtosRtos
Rtos
seenakumari
 
Rtos 2
Rtos 2Rtos 2
Rtos 2
SahibZada Ibm
 
Os rtos.ppt
Os rtos.pptOs rtos.ppt
Os rtos.ppt
rahul km
 
Real Time Kernels
Real Time KernelsReal Time Kernels
Real Time Kernels
Arnav Soni
 
Research Method to Optimize Logger for a Telecom Application Running on Embed...
Research Method to Optimize Logger for a Telecom Application Running on Embed...Research Method to Optimize Logger for a Telecom Application Running on Embed...
Research Method to Optimize Logger for a Telecom Application Running on Embed...
IJERD Editor
 

Recommandé

LogRhythm Appliance Data Sheet
LogRhythm Appliance Data SheetLogRhythm Appliance Data Sheet
LogRhythm Appliance Data Sheet
jordagro
 
LogRhythm Overview Data Sheet
LogRhythm Overview Data SheetLogRhythm Overview Data Sheet
LogRhythm Overview Data Sheet
jordagro
 
LogRhythm Advanced Agent Data Sheet
LogRhythm Advanced Agent Data SheetLogRhythm Advanced Agent Data Sheet
LogRhythm Advanced Agent Data Sheet
jordagro
 
Rtos
RtosRtos
Rtos
seenakumari
 
Rtos 2
Rtos 2Rtos 2
Rtos 2
SahibZada Ibm
 
Os rtos.ppt
Os rtos.pptOs rtos.ppt
Os rtos.ppt
rahul km
 
Real Time Kernels
Real Time KernelsReal Time Kernels
Real Time Kernels
Arnav Soni
 
Research Method to Optimize Logger for a Telecom Application Running on Embed...
Research Method to Optimize Logger for a Telecom Application Running on Embed...Research Method to Optimize Logger for a Telecom Application Running on Embed...
Research Method to Optimize Logger for a Telecom Application Running on Embed...
IJERD Editor
 
Rtos princples adn case study
Rtos princples adn case studyRtos princples adn case study
Rtos princples adn case study
vanamali_vanu
 
RTOS implementation
RTOS implementationRTOS implementation
RTOS implementation
Rajan Kumar
 
RT linux
RT linuxRT linux
RT linux
SARITHA REDDY
 
The survey on real time operating systems (1)
The survey on real time operating systems (1)The survey on real time operating systems (1)
The survey on real time operating systems (1)
manojkumarsmks
 
Rt linux-lab1
Rt linux-lab1Rt linux-lab1
Rt linux-lab1
JOLLUSUDARSHANREDDY
 
Rtos slides
Rtos slidesRtos slides
Rtos slides
Anand Jothi
 
Real time operating system
Real time operating systemReal time operating system
Real time operating system
Bharti Goyal
 
Rtos
RtosRtos
Rtos
sharvani musandi
 
Rtos by shibu
Rtos by shibuRtos by shibu
Rtos by shibu
Shibu Krishnan
 
BeRTOS: Free Embedded RTOS
BeRTOS: Free Embedded RTOSBeRTOS: Free Embedded RTOS
BeRTOS: Free Embedded RTOS
Develer S.r.l.
 
Real time operating system
Real time operating systemReal time operating system
Real time operating system
Pratik Hiremath
 
Rtos
RtosRtos
Rtos
Ruchi Sharma
 
39245175 intro-es-ii
39245175 intro-es-ii39245175 intro-es-ii
39245175 intro-es-ii
Embeddedbvp
 
UBSS overview, ATC Middleware
UBSS overview, ATC MiddlewareUBSS overview, ATC Middleware
UBSS overview, ATC Middleware
Emmanuel Fuchs
 
UBSS : Unix Based System Software
UBSS : Unix Based System SoftwareUBSS : Unix Based System Software
UBSS : Unix Based System Software
Emmanuel Fuchs
 
ucOS
ucOSucOS
ucOS
Ramasubbu .P
 
Real Time Operating Systems for Embedded Systems
Real Time Operating Systems for Embedded SystemsReal Time Operating Systems for Embedded Systems
Real Time Operating Systems for Embedded Systems
Aditya Vichare
 
Vxworks
VxworksVxworks
Vxworks
ismaeil nethead
 
Vx works RTOS
Vx works RTOSVx works RTOS
Vx works RTOS
Sai Malleswar
 
Cisco OpenSOC
Cisco OpenSOCCisco OpenSOC
Cisco OpenSOC
James Sirota
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
Ahmad Haghighi
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
AlienVault
 

Contenu connexe

Tendances

Rtos princples adn case study
Rtos princples adn case studyRtos princples adn case study
Rtos princples adn case study
vanamali_vanu
 
39245175 intro-es-ii
39245175 intro-es-ii39245175 intro-es-ii
39245175 intro-es-ii
Embeddedbvp
 
UBSS overview, ATC Middleware
UBSS overview, ATC MiddlewareUBSS overview, ATC Middleware
UBSS overview, ATC Middleware
Emmanuel Fuchs
 

Tendances (19)

Rtos princples adn case study
Rtos princples adn case studyRtos princples adn case study
Rtos princples adn case study
 
RTOS implementation
RTOS implementationRTOS implementation
RTOS implementation
 
RT linux
RT linuxRT linux
RT linux
 
The survey on real time operating systems (1)
The survey on real time operating systems (1)The survey on real time operating systems (1)
The survey on real time operating systems (1)
 
Rt linux-lab1
Rt linux-lab1Rt linux-lab1
Rt linux-lab1
 
Rtos slides
Rtos slidesRtos slides
Rtos slides
 
Real time operating system
Real time operating systemReal time operating system
Real time operating system
 
Rtos
RtosRtos
Rtos
 
Rtos by shibu
Rtos by shibuRtos by shibu
Rtos by shibu
 
BeRTOS: Free Embedded RTOS
BeRTOS: Free Embedded RTOSBeRTOS: Free Embedded RTOS
BeRTOS: Free Embedded RTOS
 
Real time operating system
Real time operating systemReal time operating system
Real time operating system
 
Rtos
RtosRtos
Rtos
 
39245175 intro-es-ii
39245175 intro-es-ii39245175 intro-es-ii
39245175 intro-es-ii
 
UBSS overview, ATC Middleware
UBSS overview, ATC MiddlewareUBSS overview, ATC Middleware
UBSS overview, ATC Middleware
 
UBSS : Unix Based System Software
UBSS : Unix Based System SoftwareUBSS : Unix Based System Software
UBSS : Unix Based System Software
 
ucOS
ucOSucOS
ucOS
 
Real Time Operating Systems for Embedded Systems
Real Time Operating Systems for Embedded SystemsReal Time Operating Systems for Embedded Systems
Real Time Operating Systems for Embedded Systems
 
Vxworks
VxworksVxworks
Vxworks
 
Vx works RTOS
Vx works RTOSVx works RTOS
Vx works RTOS
 

En vedette

Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
IBM Security
 

En vedette (8)

Cisco OpenSOC
Cisco OpenSOCCisco OpenSOC
Cisco OpenSOC
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & Build
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation Center
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 

Similaire à LogRhythm Training Syllabus Data Sheet

Log4j2 - A deep dive into the logging services in Mulesoft with On-Prem deplo...
Log4j2 - A deep dive into the logging services in Mulesoft with On-Prem deplo...Log4j2 - A deep dive into the logging services in Mulesoft with On-Prem deplo...
Log4j2 - A deep dive into the logging services in Mulesoft with On-Prem deplo...
MysoreMuleSoftMeetup
 
LogRhythm Professional Services Overview Data Sheet
LogRhythm Professional Services Overview Data SheetLogRhythm Professional Services Overview Data Sheet
LogRhythm Professional Services Overview Data Sheet
jordagro
 
A quick tour of autonomic computing
A quick tour of autonomic computingA quick tour of autonomic computing
A quick tour of autonomic computing
smartboysb06
 

Similaire à LogRhythm Training Syllabus Data Sheet (20)

Meetup milano #4 log management and anypoint advanced monitoring
Meetup milano #4 log management and anypoint advanced monitoringMeetup milano #4 log management and anypoint advanced monitoring
Meetup milano #4 log management and anypoint advanced monitoring
 
Log4j2 - A deep dive into the logging services in Mulesoft with On-Prem deplo...
Log4j2 - A deep dive into the logging services in Mulesoft with On-Prem deplo...Log4j2 - A deep dive into the logging services in Mulesoft with On-Prem deplo...
Log4j2 - A deep dive into the logging services in Mulesoft with On-Prem deplo...
 
9780840024220 ppt ch10
9780840024220 ppt ch109780840024220 ppt ch10
9780840024220 ppt ch10
 
Mailjet Security Presentation 2017
Mailjet Security Presentation 2017Mailjet Security Presentation 2017
Mailjet Security Presentation 2017
 
Enovia Collaboration Platform and Matrix Query Language
Enovia Collaboration Platform and Matrix Query LanguageEnovia Collaboration Platform and Matrix Query Language
Enovia Collaboration Platform and Matrix Query Language
 
Lec # 1 chapter 2
Lec # 1 chapter 2Lec # 1 chapter 2
Lec # 1 chapter 2
 
PRMA - Introduction
PRMA - IntroductionPRMA - Introduction
PRMA - Introduction
 
Elevating Your Application's Performance_ Observability Best Practices and Py...
Elevating Your Application's Performance_ Observability Best Practices and Py...Elevating Your Application's Performance_ Observability Best Practices and Py...
Elevating Your Application's Performance_ Observability Best Practices and Py...
 
Log4j with selenium tutorial: How to Setup log4j logging in selenium automati...
Log4j with selenium tutorial: How to Setup log4j logging in selenium automati...Log4j with selenium tutorial: How to Setup log4j logging in selenium automati...
Log4j with selenium tutorial: How to Setup log4j logging in selenium automati...
 
System design
System designSystem design
System design
 
Chapter 5
Chapter 5Chapter 5
Chapter 5
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the Curve
 
LogRhythm Professional Services Overview Data Sheet
LogRhythm Professional Services Overview Data SheetLogRhythm Professional Services Overview Data Sheet
LogRhythm Professional Services Overview Data Sheet
 
IBM BigFix Online Training
IBM BigFix Online TrainingIBM BigFix Online Training
IBM BigFix Online Training
 
HOST AND NETWORK SECURITY by ThesisScientist.com
HOST AND NETWORK SECURITY by ThesisScientist.comHOST AND NETWORK SECURITY by ThesisScientist.com
HOST AND NETWORK SECURITY by ThesisScientist.com
 
Prometheus for Monitoring Metrics (Percona Live Europe 2017)
Prometheus for Monitoring Metrics (Percona Live Europe 2017)Prometheus for Monitoring Metrics (Percona Live Europe 2017)
Prometheus for Monitoring Metrics (Percona Live Europe 2017)
 
A075434624
A075434624A075434624
A075434624
 
Why Monitoring and Logging are Important in DevOps.pdf
Why Monitoring and Logging are Important in DevOps.pdfWhy Monitoring and Logging are Important in DevOps.pdf
Why Monitoring and Logging are Important in DevOps.pdf
 
logs.pptx
logs.pptxlogs.pptx
logs.pptx
 
A quick tour of autonomic computing
A quick tour of autonomic computingA quick tour of autonomic computing
A quick tour of autonomic computing
 

Plus de jordagro

LogRhythm Alerting on the Absence of an Event Use Case UK
LogRhythm Alerting on the Absence of an Event Use Case UKLogRhythm Alerting on the Absence of an Event Use Case UK
LogRhythm Alerting on the Absence of an Event Use Case UK
jordagro
 
LogRhythm Zero Day Exploits Use Case
LogRhythm Zero Day Exploits Use CaseLogRhythm Zero Day Exploits Use Case
LogRhythm Zero Day Exploits Use Case
jordagro
 
LogRhythm Visualization Use Case
LogRhythm Visualization Use CaseLogRhythm Visualization Use Case
LogRhythm Visualization Use Case
jordagro
 
LogRhythm Time-to-Value Use Case
LogRhythm Time-to-Value Use CaseLogRhythm Time-to-Value Use Case
LogRhythm Time-to-Value Use Case
jordagro
 
LogRhythm Rapid Forensics Use Case
LogRhythm Rapid Forensics Use CaseLogRhythm Rapid Forensics Use Case
LogRhythm Rapid Forensics Use Case
jordagro
 
LogRhythm Privileged Use Monitoring Use Case
LogRhythm Privileged Use Monitoring Use CaseLogRhythm Privileged Use Monitoring Use Case
LogRhythm Privileged Use Monitoring Use Case
jordagro
 
LogRhythm Operations Use Case
LogRhythm Operations Use CaseLogRhythm Operations Use Case
LogRhythm Operations Use Case
jordagro
 
LogRhythm Geolocation Use Case
LogRhythm Geolocation Use CaseLogRhythm Geolocation Use Case
LogRhythm Geolocation Use Case
jordagro
 
LogRhythm E Phi Use Case
LogRhythm E Phi Use CaseLogRhythm E Phi Use Case
LogRhythm E Phi Use Case
jordagro
 
What's New Logrhythm 5.1 Data Sheet
What's New Logrhythm 5.1 Data SheetWhat's New Logrhythm 5.1 Data Sheet
What's New Logrhythm 5.1 Data Sheet
jordagro
 
LogRhythm Web Rhythm Data Sheet
LogRhythm Web Rhythm Data SheetLogRhythm Web Rhythm Data Sheet
LogRhythm Web Rhythm Data Sheet
jordagro
 
LogRhythm Siem 2.0 Flyer
LogRhythm Siem 2.0 FlyerLogRhythm Siem 2.0 Flyer
LogRhythm Siem 2.0 Flyer
jordagro
 
LogRhythm PowerTech Interact Data Sheet
LogRhythm PowerTech Interact Data SheetLogRhythm PowerTech Interact Data Sheet
LogRhythm PowerTech Interact Data Sheet
jordagro
 
LogRhythm Advanced Intelligence Engine Data Sheet
LogRhythm Advanced Intelligence Engine Data SheetLogRhythm Advanced Intelligence Engine Data Sheet
LogRhythm Advanced Intelligence Engine Data Sheet
jordagro
 
LogRhythm Visualize This Data Sheet
LogRhythm Visualize This Data SheetLogRhythm Visualize This Data Sheet
LogRhythm Visualize This Data Sheet
jordagro
 
LogRhythm FIPS Data Sheet
LogRhythm FIPS Data SheetLogRhythm FIPS Data Sheet
LogRhythm FIPS Data Sheet
jordagro
 
LogRhythm High Availability Solutions Data Sheet
LogRhythm High Availability Solutions Data SheetLogRhythm High Availability Solutions Data Sheet
LogRhythm High Availability Solutions Data Sheet
jordagro
 
File Integrity Monitoring Data Sheet
File Integrity Monitoring Data SheetFile Integrity Monitoring Data Sheet
File Integrity Monitoring Data Sheet
jordagro
 

Plus de jordagro (18)

LogRhythm Alerting on the Absence of an Event Use Case UK
LogRhythm Alerting on the Absence of an Event Use Case UKLogRhythm Alerting on the Absence of an Event Use Case UK
LogRhythm Alerting on the Absence of an Event Use Case UK
 
LogRhythm Zero Day Exploits Use Case
LogRhythm Zero Day Exploits Use CaseLogRhythm Zero Day Exploits Use Case
LogRhythm Zero Day Exploits Use Case
 
LogRhythm Visualization Use Case
LogRhythm Visualization Use CaseLogRhythm Visualization Use Case
LogRhythm Visualization Use Case
 
LogRhythm Time-to-Value Use Case
LogRhythm Time-to-Value Use CaseLogRhythm Time-to-Value Use Case
LogRhythm Time-to-Value Use Case
 
LogRhythm Rapid Forensics Use Case
LogRhythm Rapid Forensics Use CaseLogRhythm Rapid Forensics Use Case
LogRhythm Rapid Forensics Use Case
 
LogRhythm Privileged Use Monitoring Use Case
LogRhythm Privileged Use Monitoring Use CaseLogRhythm Privileged Use Monitoring Use Case
LogRhythm Privileged Use Monitoring Use Case
 
LogRhythm Operations Use Case
LogRhythm Operations Use CaseLogRhythm Operations Use Case
LogRhythm Operations Use Case
 
LogRhythm Geolocation Use Case
LogRhythm Geolocation Use CaseLogRhythm Geolocation Use Case
LogRhythm Geolocation Use Case
 
LogRhythm E Phi Use Case
LogRhythm E Phi Use CaseLogRhythm E Phi Use Case
LogRhythm E Phi Use Case
 
What's New Logrhythm 5.1 Data Sheet
What's New Logrhythm 5.1 Data SheetWhat's New Logrhythm 5.1 Data Sheet
What's New Logrhythm 5.1 Data Sheet
 
LogRhythm Web Rhythm Data Sheet
LogRhythm Web Rhythm Data SheetLogRhythm Web Rhythm Data Sheet
LogRhythm Web Rhythm Data Sheet
 
LogRhythm Siem 2.0 Flyer
LogRhythm Siem 2.0 FlyerLogRhythm Siem 2.0 Flyer
LogRhythm Siem 2.0 Flyer
 
LogRhythm PowerTech Interact Data Sheet
LogRhythm PowerTech Interact Data SheetLogRhythm PowerTech Interact Data Sheet
LogRhythm PowerTech Interact Data Sheet
 
LogRhythm Advanced Intelligence Engine Data Sheet
LogRhythm Advanced Intelligence Engine Data SheetLogRhythm Advanced Intelligence Engine Data Sheet
LogRhythm Advanced Intelligence Engine Data Sheet
 
LogRhythm Visualize This Data Sheet
LogRhythm Visualize This Data SheetLogRhythm Visualize This Data Sheet
LogRhythm Visualize This Data Sheet
 
LogRhythm FIPS Data Sheet
LogRhythm FIPS Data SheetLogRhythm FIPS Data Sheet
LogRhythm FIPS Data Sheet
 
LogRhythm High Availability Solutions Data Sheet
LogRhythm High Availability Solutions Data SheetLogRhythm High Availability Solutions Data Sheet
LogRhythm High Availability Solutions Data Sheet
 
File Integrity Monitoring Data Sheet
File Integrity Monitoring Data SheetFile Integrity Monitoring Data Sheet
File Integrity Monitoring Data Sheet
 

Dernier

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Dernier (20)

ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 

LogRhythm Training Syllabus Data Sheet

  • 1. LogRhythm v5.1 Training Syllabus This document addresses LogRhythm Classroom-based (Section 1) and Web-based Training (Section 2) Section 1: LogRhythm Classroom-based Training Certifications LogRhythm certifications are available on completion of the following: Course 1 Certified LogRhythm End User and Administrator Course 1 is comprised of the following days of training: Day 1 – Basic End User Days 2 and 3 – Deployment and Administration and Advanced End User Successful completion of associated training exercises Who Should Attend Course 1 is designed for systems administrators, managers, engineers, and other LogRhythm end users who are responsible for system administrative management. Course 2 Certified LogRhythm Rule Developer Course 2 is comprised of the following days of training: Days 4 and 5 – Rule Development Successful completion of associated training exercises Who Should Attend Course 2 is designed for systems administrators and engineers who are supporting custom applications or need to do advanced customization and tuning of their LogRhythm deployment. It is recommended that students attending this course have completed Course 1 and have experience using regular expressions. Course 3 Two Day On-Site Certified LogRhythm End User and Administrator Course 3 is comprised of the following days of training: Day 1 – Basic End User and Advanced End User Training Day 2 – Advanced End User and Administration Who Should Attend Course 3 is designed for systems administrators, managers, engineers, and other LogRhythm end users who are responsible for system administrative management. Courses 1 and 2 may be taken consecutively or separately. Copyright 2010 LogRhythm, Inc. Page 1 of 11
  • 2. Course 1: Classroom-based End-User and Administrator Training Course 1 consists of three modules: • End-User Training • Advanced End-User • Deployment and Administration End-User Training introduces you to the data access and analysis front end of the LogRhythm solution. You are introduced to the LogRhythm Console and receive instructions on how to customize for your needs. Advanced End-User Training instructs you on how to use advanced methods for log and event analysis. Deployment and Administration instructs you in the administration aspects of the LogRhythm enterprise system to ensure successful and on-going operations. Day One: Basic End-User Training Welcome Orientation and Overview You receive a brief introduction to the facility, area, accommodations, each other, eating arrangements, and a plan for the days ahead. When the class begins, you will receive instructions on how to log into the training environment for hands-on examples and exercises. LogRhythm Overview and Architecture Provides you with the pre-requisite foundation for all other training — an overview of LogRhythm Log and Event Management and basic knowledge of: • LogRhythm terminology • LogRhythm log data hierarchy • LogRhythm logical objects • LogRhythm Knowledge Base • LogRhythm Solution Architecture Analysis and Reporting Provides you with a working knowledge of: • The LogRhythm Dashboard Real-time monitoring and analysis of events and alarms • The LogRhythm Investigator Historic/forensic log and event data analysis Copyright 2010 LogRhythm, Inc. Page 2 of 11
  • 3. The LogRhythm Tail Utility Real-time access to raw log data • The LogRhythm Quick Search Toolbar • The LogRhythm Report Center Configuration and generation of reports for compliance, security, and operations Day 1 modules will include instructor-guided, interactive exercises. Days Two and Three: Deployment and Administration and Advanced End-User Training The LogRhythm Deployment, Administration, and Advanced End-User curriculum instructs you in how to use advanced methods for log and event analysis. Topics to be covered include: • Log Source Lists and their use as filters for all data access and analysis functions • Personal Alarms and their use in real-time monitoring • Alarm and Incident Management • Report Templates and how to generating custom reports Deployment and Administration Items to be covered include: 1. Deployment Management • Managing LogRhythm Logical objects o Entities, Networks, and Hosts o Log Managers o Agents o Log Sources o Message Processing Engine Policies o Alarm Rules o People and Users • Common Deployment tasks o Adding Entities, Networks, and Hosts o Deploying a Log Manager o Deploying an Agent o Working with the Job Manager 2. Configuring LogRhythm Agents for Log Collection • Enabling Global Data Management and Global Log Processing Rules • Collecting Windows Event Logs • Collecting Flat File Logs • Collecting Syslog • Collecting Netflow Copyright 2010 LogRhythm, Inc. Page 3 of 11
  • 4. Collecting Checkpoint Firewall Logs • Collecting Database data with the Universal Database Log Adapter (UDLA) • Enabling Data Loss Defender (DLD) • Enabling File Integrity Monitor (FIM) 3. Configuring Message Processing Engine Policies • Data retention and archive settings • Log processing and deduplication • Event forwarding • LogMart forwarding • Understanding Risk-Based Prioritization (RBP) 4. Security Administration • Understanding LogRhythm Security Roles • Managing LogRhythm Users • Managing Active Directory Synchronization • Managing Restricted Analysts 5. Configuring and Managing Alarms • Alarm rule administration • Notification administration 6. Archive Restoration 7. Performance Monitoring and Troubleshooting • LogRhythm Diagnostic Events and Alarms • Silent Log Source Detection • LogRhythm Performance Counters Advanced End User Items to be covered include: 1. Configuring and Using Log Source Lists 2. Creating and Managing Saved Investigations 3. Creating and Managing Custom Reports 4. Creating and Managing Scheduled Reports 5. Creating and Managing Global and Personal Alarm Rules Day 2 and 3 modules will include instructor guided interactive exercises. Copyright 2010 LogRhythm, Inc. Page 4 of 11
  • 5. Course 2: Classroom-based Rule Development Training Days Four and Five (when combined with Course 1): Rule Development LogRhythm Message Processing Engine (MPE) Rule Development The Class is designed systems administrators and engineers who are supporting custom applications or need to do advanced customization and tuning of their LogRhythm deployment. It is recommended students attending the class have some experience with LogRhythm and a basic knowledge of Regular Expressions (regex). LogRhythm is a highly flexible and open system that provides the means for you to develop custom rules to meet your organizational data collection and processing demands. Students will learn all aspects of rule development. They will leave the course with the knowledge and tools required to integrate custom logging devices into LogRhythm and customize LogRhythm’s support for commercial logging devices. This hands-on course will cover items including: • Introduction to Regular Expressions • Rule Function • Rule Definition • Parsing and Attributes • Rule Builder Tool • Tags (Usage, Parsing, Mapping) • Base Rules versus Sub Rules • Naming and Classification Advanced Alarm Rule Development Alarm Rules enable automatic detection and notification of specific activity. LogRhythm includes an extremely powerful and flexible system for creating a wide variety of Alarm Rules. This module provides extensive hands training in the development of sophisticated Alarm Rules for detecting activity in support of compliance, security, and operations objectives. • Overview of the Alarm Rule Processing Engine • Alarm Thresholds, Grouping, and Suppression • Log Source Criteria • Event Criteria • Day and Time Criteria • Advanced Notification Options • Alarm Rule Sharing and Security Day 4 and 5 modules include interactive instructor guided rule development exercises. Copyright 2010 LogRhythm, Inc. Page 5 of 11
  • 6. Course 3: Classroom-based On-Site End-User and Administrator Training Course 3 consists of three modules: • End-User Training • Advanced End-User • Administration End-User Training introduces you to the data access and analysis front end of the LogRhythm solution. You are introduced to the LogRhythm Console and receive instructions on how to customize for your needs. Advanced End-User Training instructs you on how to use advanced methods for log and event analysis. Administration instructs you in the administration aspects of the LogRhythm enterprise system to ensure successful and on-going operations. Day One: Basic End-User Training LogRhythm Overview and Architecture Provides you with the pre-requisite foundation for all other training — an overview of LogRhythm Log and Event Management and basic knowledge of: • LogRhythm terminology • LogRhythm log data hierarchy • LogRhythm logical objects • LogRhythm Knowledge Base • LogRhythm Solution Architecture Analysis and Reporting Provides you with a working knowledge of: • The LogRhythm Dashboard Real-time monitoring and analysis of events and alarms • The LogRhythm Investigator Historic/forensic log and event data analysis • The LogRhythm Tail Utility Real-time access to raw log data • The LogRhythm Quick Search Toolbar • The LogRhythm Report Center Configuration and generation of reports for compliance, security, and operations Copyright 2010 LogRhythm, Inc. Page 6 of 11
  • 7. Day Two: Administration and Advanced End-User Training The LogRhythm Deployment, Administration, and Advanced End-User curriculum instructs you in how to use advanced methods for log and event analysis. Topics to be covered include: • Log Source Lists and their use as filters for all data access and analysis functions • Personal Alarms and their use in real-time monitoring • Alarm and Incident Management • Report Templates and how to generating custom reports Advanced End User and Administration Items to be covered include: 8. Configuring LogRhythm Agents for Log Collection • Enabling Global Data Management and Global Log Processing Rules • Collecting Windows Event Logs • Collecting Flat File Logs • Collecting Syslog • Collecting Netflow • Collecting Checkpoint Firewall Logs • Collecting Database data with the Universal Database Log Adapter (UDLA) • Enabling Data Loss Defender (DLD) • Enabling File Integrity Monitor (FIM) 9. Configuring Message Processing Engine Policies • Data retention and archive settings • Log processing and deduplication • Event forwarding • LogMart forwarding • Understanding Risk-Based Prioritization (RBP) 10. Security Administration • Understanding LogRhythm Security Roles • Managing LogRhythm Users • Managing Active Directory Synchronization • Managing Restricted Analysts 11. Configuring and Managing Alarms • Alarm rule administration • Notification administration • Creating and Managing Global and Personal Alarm Rules Copyright 2010 LogRhythm, Inc. Page 7 of 11
  • 8. 12. Archive Restoration 13. Performance Monitoring and Troubleshooting • LogRhythm Diagnostic Events and Alarms • Silent Log Source Detection • LogRhythm Performance Counters Advanced End User Items to be covered include: 1. Configuring and Using Log Source Lists 2. Creating and Managing Saved Investigations 3. Creating and Managing Custom Reports 4. Creating and Managing Scheduled Reports 5. Creating and Managing Global and Personal Alarm Rules Copyright 2010 LogRhythm, Inc. Page 8 of 11
  • 9. LogRhythm 5.1 Web-based Training Web-based training is delivered from the LogRhythm Learning Center. The classes are videos downloaded/streamed from the web. We recommend that all users take advantage of this training. There are two ways to leverage LogRhythm web-based training: 1) Self-Service: Customers may access the LogRhythm Learning Center and its growing list of online courses via the LogRhythm Support site (with a valid login). 2) Instructor-led –A Certified LogRhythm Trainer introduces/runs the videos and monitors the class to answer chat-style questions during the videos. A question and answer period is provided between Modules. During the Q&A period the instructor can provide answers to specific questions or perform additional demonstrations. Instructor-led courses are can be scheduled based on demand/availability. For Q3 2010 we will run the first course, Searching in LogRhythm, at 1000 MST on the first Friday of each month. For appropriate quality, please ensure you leverage a high speed (DSL minimum) connection. The video portion of each course is planned to be a total of 1-2 hours in length depending on the topic addressed. The course is divided into 4-5 modules of approximately 10 to 25 minutes each. The instructor-led classes are planned to be 1 hour longer than the self-service video classes. The first course was launched in July 2010 and additional courses can be expected roughly once per quarter (Reporting and Alarming are the next planned courses). One course is currently available: Course 1 Searching in LogRhythm - In this course you will learn: LogRhythm’s approach to turn incoming log data into searchable information, to organize an efficient search, the tool (Search Wizard) to build a search, and common approaches to working with Search Results. In addition there will be solid examples and scenarios to reinforce the learning. Copyright 2010 LogRhythm, Inc. Page 9 of 11
  • 10. Course 1 is comprised of 5 Modules: Module 1: Anatomy of a Log - In this module you will learn how LogRhythm makes sense of incoming log messages and turns the mountains of log data into meaningful information. Understanding how LogRhythm handles logs is a critical building block for anyone looking to search their LogRhythm Deployment. Module 2: Anatomy of a Search – In this module you will learn the how LogRhythm Search works. Just as understanding how LogRhythm handles logs is a first building block, understanding how LogRhythm Search works is a critical second step in efficiently organizing a search in your LogRhythm Deployment. Module 3: Search Wizard – In this module you will learn how to construct a search using the LogRhythm Search Wizard. Building on the concepts and examples in the first two modules you will be able to efficiently construct a search. Module 4: Working with Search Results – In this module you will learn common approaches to working with Search Results, including common tools with examples. Module 5: Specific Examples and Scenarios - In this module you will be exposed to additional examples and scenarios that are typical for many LogRhythm Deployments. This is focused, task oriented examples that describe real world questions our Professional Services Engineers often must address. Who Should Attend Any end user that wishes to understand search and the options available within LogRhythm Copyright 2010 LogRhythm, Inc. Page 10 of 11
  • 11. LogRhythm Training Pricing Training Courses – Outline Classroom-based Training Course 1 - End User and Administration (3 days) $ 3600 per seat Available via Boulder Classroom setting only Course 2 - Rule Development (2 days) $ 3000 per seat Available via Boulder Classroom setting only Course 3 – End User and Administration (2 days) $ 12,000 up to 10 seats Maximum of 10 Seats, available On-Site via classroom setting only Course 1 and Course 2 - Purchased together (5 days) $ 5000 per seat *Certification training is available via Boulder classroom setting only at a Boulder area facility. Web-based Training Self Service Free for 2010 Available via LogRhythm Support Portal Instructor Led courses (2-3 hours per course) $ 250 per seat Available to schedule on request – Instructor runs video sessions and is available for Chat during videos and Q&A/additional instruction between videos Copyright 2010 LogRhythm, Inc. Page 11 of 11