Course Hive
Search

Welcome

Sign in or create your account

Continue with Google
or
Practical SIEM Tutorial- Send Logs, Install Parsers, Create Log sources, Alerts, Regex | Day 8
Play lesson

BlackPerl DFIR || INCIDENT RESPONSE TRAINING || Full Course - Practical SIEM Tutorial- Send Logs, Install Parsers, Create Log sources, Alerts, Regex | Day 8

5.0 (0)
14 learners

What you'll learn

This course includes

  • 13.5 hours of video
  • Certificate of completion
  • Access on mobile and TV

Summary

Keywords

Full Transcript

SIEM tutorial, Practical Burn Down Session in 25 minutes. This is the very first video in YouTube where you will actually learn sending logs to SIEM and lot more! Check Out Day-7 here- https://youtu.be/6DPmzXXVo_M for installing SIEM in your home Lab. Continuing with our Incident Response Training, today is Day 8 and we will discuss almost everything you need to know about SIEM and I will show you how can you perform all of the admin activities so that you can be well prepare with You SIEM Lab and pratcice at home, also you can apply them in your work at organization. In our previous Episode of Day 7, I have shown you how to set up your SIEM tool and install them, but this session will be more technical in terms of understanding the basic admin activities in SIEM. We have taken QRadar as a tool and will show you below things- 1. How to send syslog logs in QRadar. 2. How to install DSM Parsers 3. How to create custom event properties and parse the raw logs. 4. How to create log source 5. At last we will show you some alerts/offenses as well. So, stick around till the end if you really want to be MASTER in SIEM and QRadar. There is huge amount of information, training available on internet which talks about the same and at times you become overwhelmed and can't decide what is the right choice for me if I want to start my career in Security Operations Centre and want a role in Incident Response. So I have developed this full series to stay focused on the basic areas someone must be aware of to kick of SOC journey! Hence I recommend you to visit the full list one by one to have a solid idea of SOC Beginner level skills and requirements. ------------------------------------------------------------------------------------------------------------------------- πŸ“ Check out Incident Response Full Training CourseπŸ‘‰ https://bit.ly/2OKQaFP πŸ”—LINKS FOR YOUR REQUIREMENTS- ------------------------------------------------------------------------------------------------------------------------- πŸ‘‰Fix that we applied at first- https://www.ibm.com/support/pages/node/6395080 πŸ‘‰QRadar Community Edition- https://www.ibm.com/community/qradar/ce/ πŸ‘‰Log File Samples- https://bit.ly/3gaxVTK πŸ‘‰DFIR Tools Repo- https://github.com/archanchoudhury/DFIR-Tools πŸ”₯πŸ”₯πŸ”₯πŸ”₯πŸ”₯ Check-out my Free InfoSec Resource Fusion- https://bit.ly/3vOFarG πŸ”₯πŸ”₯πŸ”₯πŸ”₯πŸ”₯ WATCH BELOW AS WELL πŸ”₯πŸ”₯πŸ”₯πŸ”₯πŸ”₯ ------------------------------------------------------------------------------------------------------------------------- IR Flash πŸ‘‰ https://youtu.be/6kOinwAB-BY How to write Regex πŸ‘‰ https://youtu.be/5jMCe5Gs9Gg Linux Memory Forensics πŸ‘‰ https://youtu.be/eK-Y6MyMKVE Check out Malware Investigation Part1πŸ‘‰ https://youtu.be/E86wyomzDjs Check out Malware Investigation Part2πŸ‘‰ https://youtu.be/D3inDM8kM-Y BlackPerl Forensics EpisodesπŸ‘‰ https://bit.ly/3pgpqsG Decoding JavaScript codes for Incident ResponseπŸ‘‰ https://youtu.be/rot9cDW9SYA Lean Yara Here πŸ‘‰ https://youtu.be/DI5zV_vGJC0 ⌚ Timelines ------------------------------------------------------------------------------------------------------------------------- 0:00 ⏩ Intro 1:13 ⏩ Verify Log Activity Tab 2:54 ⏩ Apply Patch 4:11 ⏩ Ship Syslog Bundle 8:12 ⏩ Push Syslog 11:46 ⏩ Create DSM Parsers 14:57 ⏩ Create Log Source in Console 18:01 ⏩ Create RegEx 20:34 ⏩ Create Offense/Alerts 23:44 ⏩ Summarize & What's NEXT? πŸ“žπŸ“² FOLLOW ME EVERYWHERE- ------------------------------------------------------------------------------------------------------------------------- βœ” LinkedIn: https://www.linkedin.com/company/blackperl βœ” You can reach out to me personally in LinkedIn as well- https://bit.ly/38ze4L5 βœ” Twitter: @blackperl_dfir βœ” Insta: (blackperl_dfir)https://www.instagram.com/blackperl_dfir/ βœ” Can be reached via [email protected] SUPPORT BLACKPERL ------------------------------------------------------------------------------------------------------------------------- ╔═╦╗╔╦╗╔═╦═╦╦╦╦╗╔═╗ β•‘β•šβ•£β•‘β•‘β•‘β•šβ•£β•šβ•£β•”β•£β•”β•£β•‘β•šβ•£β•β•£ β• β•—β•‘β•šβ•β•‘β•‘β• β•—β•‘β•šβ•£β•‘β•‘β•‘β•‘β•‘β•β•£ β•šβ•β•©β•β•β•©β•β•©β•β•©β•β•©β•β•šβ•©β•β•©β•β• ➑️ SUBSCRIBE, Share, Like, Comment β˜• Buy me a Coffee πŸ‘‰ https://www.buymeacoffee.com/BlackPerl πŸ“§ Sponsorship Inquiries: [email protected] ------------------------------------------------------------------------------------------------------------------------- πŸ™ Thanks for watching!! Be CyberAware!! 🀞

Course Hive

Continue this lesson in the app

Install CourseHive on Android or iOS to keep learning while you move.

Related Courses

FAQs

Course Hive
Download CourseHive
Keep learning anywhere