Getting Started with ELK Stack: Alerts

Course
COMING SOON

Learn to make the most of the ELK Stack’s alerting capability so that it will inform you when potentially malicious activity is detected on your network. In this part of our ELK Stack series of courses, you will activate built-in alerts and create custom alerts to help you detect and identify malicious behavior in your logs and network traffic.

Time: 1 hour 10 minutes
Difficulty: Intermediate
CEU/CPE: 2

Who should take this course?

The target audience for this training is individuals who work in a network security or administration role and who may be interested in implementing the Elastic ELK Stack in their environment. This training is also intended for entry-level SOC analysts who may be using ELK.

What are the prerequisites for this course?

This training assumes you have a foundational knowledge of TCP/IP networking, ports and protocols, and Linux and Windows fundamentals.

Why take this course?

What makes this course so beneficial is that you will learn what makes ELK Stack an affordable and flexible SIEM solution that can serve many use cases. In this course, you will get hands-on experience using built-in alerts and creating custom alerts while using ELK Stack as a SIEM. This will prepare you to take other courses on the Cybrary platform where the ELK Stack is used. You will also be prepared to take the capstone lab in this series, where you will use ELK to detect malicious activity in a realistic threat-hunting scenario. The courses in our ELK Stack series are being released over time, so be sure to check back for them if you don't see them on the Cybrary platform right away.

What makes this course different from others?

By the end of this course, you should be able to:

  • Activate the built-in alerts from Elastic
  • Design Custom Alerts
  • Configure the built-in Dashboards from Elastic
  • Create Custom Dashboards

Your instructor, Skyler Gehman, is a Cyber Operations Specialist in the Army. He is a graduate of the Joint Cyber Analysis Course at the Navy's Center for Information Warfare and the Army's Cyber Center of Excellence for Offensive and Defensive Cyberspace Operations. He has also worked in the manufacturing of military electronics and weapons systems.

Instructed By
Skyler Gehman
Cyber Operations Specialist
Instructor
Provider
Cybrary
Certificate of Completion

Complete this entire course to earn a Getting Started with ELK Stack: Alerts Certificate of Completion