ArcSight Logger Administration and Operations
The ArcSight Logger Administration and Operations course covers the essentials of the ArcSight Logger solution, both hardware and software, and explains how to architect a complete solution. This 5-day ILT course covers the core features of the ArcSight Logger solution as well as more advanced features. Together with Logger experience, this course prepares you for the Logger certification exam.
- Describe, access, and use the basic features and functions of ArcSight Logger
- Initialize Logger Appliance
- Install and update the Logger Software form factor
- Explain and implement initial Logger storage and retention policy settings
- Describe and configure event source devices and device groups, event Receivers, Forwarders, and Destinations
- Locate and configure Network settings, error logs, remote support access and security certificate trust stores
- Explain and implement event indexing and use the Logger search builder
- Access and customize search field set display controls and search constraint criteria
- Use filters effectively
- Run and build reports
- Copy and modify report queries and templates
- Copy and modify report dashboards and dashboard elements
- Search, view, create, edit, enable and disable real-time and scheduled alerts; configure notifications; export alerts for further analysis
- Back up and restore Logger configuration or reports and report definitions; export and import Logger Alerts and Filters; retrieve error and audit logs
To be successful in this course, you must have:
Completed the HP ArcSight ESM Security Analyst (AESA) training
Knowledge of:
- Common security device functions, such as IDS/IPS, Network and Host-based firewalls, etc.
- Common network device functions, such as routers, switches, hubs, etc.
- TCP/IP functions, such as CIDR blocks, subnets, addressing, communications, etc.
- Windows operating system tasks, such as installations, services, sharing, navigation, etc.
- Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
- SIEM terminology, such as threat, vulnerability, risk, asset, exposure, safeguards, etc.
- Security directives, such as Confidentiality, Integrity, Availability
Course Outline
Duration: 5 Days
- Introduction to Logger
- Install and Initialize Logger Appliance
- Install and Initialize Software Logger
- Navigating Logger
- Logger Configuration
- Configuring Logger Event Input and Output
- System Admin Settings
- Managing Users and Groups
- Event Search
- Search Tools
- Filters, Saved Searches & Scheduled Alerts
- Logger Reports
Please write to us at firstname.lastname@example.org or contact us at +91-9870480053 for the course price, certification cost, schedule and location.