Getting Started with ELK Stack: Beats and Endpoint Agents
|
If you are using the Elastic ELK Stack as your SIEM, you need to know how to deploy and configure Beats and Endpoint Agents to forward your logs. In this part of our ELK Stack series, you will learn how to deploy and configure these tools and get hands-on in our virtual lab to apply what you’ve learned.
Course Description
If you will be using the Elastic ELK Stack as your SIEM, you need to know how to deploy and configure Beats and Endpoint Agents to forward your logs. In this part of our ELK Stack series, you will learn how to deploy and configure these tools and get hands-on in our virtual lab to apply what you’ve learned.
The target audience for this training is individuals who work in a Network Security role or Administration who may be interested in implementing the Elastic ELK stack into their environment. This training is also intended for entry-level SOC analysts who may be using ELK.
This training assumes you have a foundational knowledge of TCP/IP networking, ports and protocols, and Linux and Windows fundamentals. It is also beneficial if you have taken the other courses in the ELK Stack series, particularly the course, “Getting Started with ELK Stack: Queries.”
What makes this course so beneficial is that you will learn what makes ELK Stack an affordable and flexible SIEM solution that can serve many use cases. In this course, you will get hands-on experience using ELK Stack as a SIEM and deploying a Beats and Endpoint Agents to forward logs, then querying them to check your work. After completing this course and other courses in the ELK Stack series, you will be prepared to take the capstone lab in this series, where you will use ELK to detect malicious activity in a realistic threat-hunting scenario. The ELK Stack courses are being released over time, so be sure to check back for them if you don’t see them on the Cybrary platform right away.
By the end of this course, you should be able to:
Your instructor, Skyler Gehman, is a Cyber Operations Specialist in the Army. He is a graduate of the Joint Cyber Analysis Course at the Navy’s Center for Information Warfare and the Army’s Cyber Center of Excellence for Offensive and Defensive Cyberspace Operations. He has also worked in the manufacturing of military electronics and weapons systems.
What are the prerequisites for this course?
Deploy and configure a Filebeats Agent for a Unix Host
Deploy and configure a Winlogbeats Agent for a Windows Host
Your instructor, Skyler Gehman, is a Cyber Operations Specialist in the Army. He is a graduate of the Joint Cyber Analysis Course at the Navy’s Center for Information Warfare and the Army’s Cyber Center of Excellence for Offensive and Defensive Cyberspace Operations. He has also worked in the manufacturing of military electronics and weapons systems.
Module 1: Working with Beats Agents
Module 2: Working with Endpoint Agents
User Reviews
Be the first to review “Getting Started with ELK Stack: Beats and Endpoint Agents”
You must be logged in to post a review.
There are no reviews yet.