Course Overview
This instructor-led training course will cover the core features of the ArcSight Logger solution as well as advanced features. This course also includes the Logger certification exam.
Who should attend
Security operators, Network operators
Course Objectives
Upon successful completion of this course, you should be able to:
- Describe, access, and use the basic features and functions of ArcSight Logger
- Install and update Logger
- Configure Logger storage and retention policy settings
- Navigate to specific functions, facilities and configuration settings within the Logger browser UI
- Describe and configure devices, device groups, Receivers, and Forwarders
- Locate and configure Network settings, error logs, remote support access and security certificate trust stores
- Access and manage Logger user/groups
- Explain and implement event indexing and use the Logger search builder to access field-based, full-text and pipeline operator event search facilities
- Create Logger Dashboards and describe the built-in Logger Dashboards and Dashboard panels
- Run reports ad hoc, or as scheduled jobs and publish and archive results according to given distribution and retention criteria
- Search, view, create, edit, enable and disable real-time and scheduled alerts; configure notifications; export alerts for further analysis
- Backup and restore Logger configuration or reports and report definitions; export and import Logger Alerts and Filters; retrieve error and audit logs
Course Content
This course teaches you the essentials of the ArcSight Logger solution – both hardware and software – as well as giving you information on how to design a complete solution. This instructor-led training course will cover the core features of the ArcSight Logger solution as well as advanced features. This course also prepares you for the Logger certification exam. The exam is administered on the last day of the class and is a hands-on, performance-based exam.