Call : (+91) 968636 4243
Mail : info@EncartaLabs.com
EncartaLabs

ArcSight Logger - Administration and Operations

( Duration: 5 Days )

This ArcSight Logger - Administration and Operations training course provides the essentials of the ArcSight Logger solution, both hardware and software, as well as information on how to architect a complete solution. The course covers the core features of the ArcSight Logger solution as well as more advanced features.

By attending the ArcSight Logger - Administration and Operations workshop, delegates will learn to:

  • Describe, access, and use the basic features and functions of ArcSight Logger
  • Initialize Logger appliance
  • Install and update Logger Software form factor
  • Explain and implement initial Logger storage and retention policy settings
  • Describe and configure event source devices and device groups, event receivers, forwarders and destinations
  • Locate and configure network settings, error logs, remote support access and security certificate trust stores

Prerequisites:

  • Common network device functions such as routers, switches, and hubs.
  • TCP/IP functions such as CIDR blocks, subnets, addressing, and communications
  • Windows operating systems tasks such as installations, services, sharing, and navigation
  • Linux or CentOS experience with shell command lines
  • Knowledge of Use Cases
  • Attend a training on ArcSight Flex Connector Configuration or equivalent experience

The ArcSight Logger - Administration and Operations class is ideal for:

  • System administrators or operators who will be working with Logger software or Logger Appliance.

COURSE AGENDA

1. Introduction to Logger

  • What is Logger?
  • What is an Event?
  • ArcSight Log Management Platform
  • Logger Features
  • Deployment Scenarios
  • What’s new in Logger
  • Logger family of products
  • Logger Use Cases

2. Install and Initialize Logger Appliance

  • Installing and initializing Logger Appliance
  • Post-initialization settings
  • Appliance upgrade
  • Installing and Initialize

3. Software Logger

  • Installing and configuring Linux Software Logger
  • Software Logger Upgrade and un-install
  • Logger browser interface login

4. Navigating Logger

  • Logger UI Information Band and Options
  • Tabs, Menus and Feature Navigation
  • Main Function Tabs

5. Logger Configuration

  • Configuration Sidebar Menu functions
  • Configuring Peer Loggers
  • System Maintenance Operations

6. Configuring Logger Event Input and Output

  • Receivers, Source Types and Parsers
  • Devices and Device Groups
  • Storage Rules
  • Forwarders
  • SSL Certificates
  • ESM Destinations

7. System Admin Settings

  • Appliance and Software Admin differences
  • System Admin tab
  • Exploring each sub-menu tab

8. Managing Users and Groups

  • User Group Privileges
  • Managing Users, User Groups & Authentication
  • User login banner

9. Event Search

  • Logger search overview
  • Search input
  • Search results display
  • Search techniques
  • Pipeline operators
  • Search performance
  • Wild cards
  • Peer Logger search
  • Indexing

10. Search Tools

  • Customizing time ranges and Field Sets
  • Search helper
  • Creating complex queries using Search Builder
  • Raw events and Regex Helper
  • Validating Queries with Search Analyzer
  • Refining and re-running searches
  • Exporting search results
  • Live Event Viewer

11. Filters, Saved Searches & Scheduled Alerts

  • Saving and retrieving a query
  • Types of Filters
  • Managing Filters
  • Creating Saved Search Jobs
  • Creating Saved Scheduled Alerts
  • Saving Searches as Dashboard Panels
  • Advanced Search Options
  • Searching from ESM Console

12. Logger Reports

  • Types of reports
  • Viewing reports
  • Report task options
  • Running reports
  • Publishing and emailing report results
  • Scheduling report jobs
  • Report administration

13. Designing Reports

  • Copying reports
  • Using the Adhoc Report Designer
  • Editing a report
  • Customizing report layout

14. Generating Reports

  • Search Queries and Report Queries
  • Creating and Editing Queries for Reports
  • Using the SQL Editor
  • Report Query Field Attributes and Properties
  • Parameters and Parameter Groups

15. Using and Designing Report Dashboards

  • Dashboards and Report Home Pages
  • Creating a Report Dashboard

16. Alerts and Notifications

  • Configuring Notification Destinations
  • Configuring Alerts and Notifications
  • Viewing Alerts
  • Exporting Alerts

17. Import, Export, Backup and Restore

  • Configure Backup and Restore
  • Content Management – Export and Import
  • Event Archiving
  • Retrieving Audit and Error Logs

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 6,000 various courses on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of a few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting https://www.encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.
