Description
Micro Focus ArcSight Data Platform is a SIEM platform that unifies data collection and log management of machine data for security intelligence. Micro Focus ArcSight Logger is a component of Micro Focus ArcSight Data Platform. In this course you will learn how to perform a successful ArcSight Software Logger installation from scratch, ingest replay events, and creating nice dashboards.((Announcemt))Significant expansion to the Course Circuilum on 23rd of August 2023Renamed the course from Micro Focus ArcSight Logger Hands-On to ArcSight Logger & ESM Hands-On and added below 5 x extra sestions:1) ESM Installation2) ESM Console Demystified3) ESM Hands-ON4) ESM Administration5) ArcSight TheoryThe above 5 sections will cover the following lessons: Import Brute Force package from ArcSight marketplaceImport Sysmon package from ArcSight marketplaceWhat is SIEMArcSight SIEMESM Enables Situational AwarenessESM AnatomySmartConnectorsArcSight Manager & CORR-EngineStorageUser Interfaces & Use CasesInteractive Discovery & Pattern DiscoveryESM on an Appliance & Logger & ArcSight SolutionsLife Cycle of an Event Through ESMData Collection and Event Processing - Collect & Normalize Event DataData Collection and Event Processing - Apply Event CategoriesData Collection and Event Processing - Look up Customer and Zone in Network ModelData Collection and Event Processing - Filter and Aggregate Events & Managing SmartConnector ConfigurationsPriority Evaluation and Network Model LookupWorkflowCorrelation Evaluation - Correlation Overview & Filters & RulesCorrelation Evaluation - How Rules are Evaluated & How Rules Use Active & Session ListsCorrelation Evaluation - Data MonitorsCorrelation Evaluation - How Correlation Uses Local and Global Variables & Velocity TemplatesCorrelation Evaluation - Event TypesFixing Time of Log SourceForgotten ESM Account Password and Disabled Account
