Detecting Anomalies and Events with Logstash
Logstash is a powerful tool for processing and analyzing log data. In this course, you will learn the setup, configuration, and validation of Logstash in an enterprise environment.
What you'll learn
Enterprises often struggle with effectively monitoring and detecting anomalies in their network traffic, leaving them vulnerable to potential security breaches. In this course, Detecting Anomalies and Events with Logstash, you'll learn how to utilize Logstash to secure a live enterprise environment. First, you'll discover how to set up Logstash to ingest and process network traffic data. Next, you'll apply custom filtering rules to detect anomalies in DNS, HTTP, and MySQL traffic. Finally, you'll simulate real-world traffic to test Logstash's ability to detect and flag threats. When you're finished with this course, you'll have the skills and knowledge to identify, protect, detect, and respond to threats in your network systems.
Table of contents
About the author
Sean Wilkins, with over two decades of experience in the IT industry, serves as a distinguished networking consultant and contributor at Tech Building Blocks. His professional journey spans multiple prominent enterprises, underlining his extensive field expertise. Sean's credentials include esteemed certifications from Cisco (CCNP/CCDP), Microsoft (MCSE), and CompTIA (A+ and Network+). Academically, he has achieved a Master’s of Science in Information Technology, specializing in Network Architec... more