LogRhythm Custom MPE Rules - Parsing the Custom Log Sources

Parse Custom Log Sources by using Regular Expressions

Ratings: 3.77 / 5.00




Description


Hello everyone, and welcome to the LogRhythm Custom MPE Rules Course. In this course, we will parse custom log sources by using regular expressions.

My name is Adeel and I am a Cyber Security Engineer with more than 10 years of experience.

I will be your instructor in this course.

If you are working on LogRhythm SIEM as an administrator and you have custom log sources in your environment that you want to integrate with LogRhythm, then this is the perfect course for you.

Also, if you want to learn about custom parsing in LogRhythm and want to know how parsing works in LogRhythm, you can join this course.

By the time you are done with this course, you are going to be skilled in writing regex in LogRhythm, creating custom parsers in LogRhythm, and also integrating custom log sources with LogRhythm.

My goal in this course is to help you with creating and applying a custom parser and integrating custom log sources.

I want to take a few minutes and I want to walk through the curriculum because I need you to understand what you are going to learn before you jump into the course material.

Let’s go ahead and take a look at that right now.

This course is broken up into 7 main sections.

Number one is Regex Overview & Basic Regex Writing.

Number two is Log Types – single-line and multi-line logs.

Number three is the Message Processing Engine – Policy, Rule Builder, Base Rule, and Sub Rules.

Number four is LogRhythm fields and tags.

Number five is Custom Log Source Creation & Integration.

Number six is Custom Parser Creation.

Number seven is MPE Performance Monitoring.

What You Will Learn!

  • Regex Overview & Basic Regex Writing.
  • Log Types - single-line & multi-line log.
  • MPE – Policy, rule builder, Base Rule and Sub Rules.
  • LogRhythm Fields and tags.
  • Custom Log Source Creation & Integration.
  • Create Custom Parser in MPE Rule Builder.
  • MPE Performance Monitoring & Troubleshooting.

Who Should Attend!

  • LogRhythm Administrators
  • LogRhythm Analysts
  • System Engineers