Practical SIEM Tutorial- Send Logs, Install Parsers, Create Log sources, Alerts, Regex | Day 8
Author: BlackPerl
Uploaded: 2021-06-11
Views: 20667
Description:
SIEM tutorial, Practical Burn Down Session in 25 minutes. This is the very first video on YouTube where you will actually learn how to send logs to a SIEM, and a lot more!
Check Out Day-7 here- • INCIDENT RESPONSE TRAINING FREE - Fast, Ea... for installing SIEM in your home Lab.
Continuing with our Incident Response Training, today is Day 8 and we will discuss almost everything you need to know about SIEM. I will show you how you can perform all of the admin activities so that you can be well prepared with your SIEM lab and practice at home; you can also apply them in your work at your organization. In our previous episode, Day 7, I showed you how to set up and install your SIEM tool, but this session will be more technical in terms of understanding the basic admin activities in SIEM. We have taken QRadar as the tool and will show you the following:
1. How to send syslog logs in QRadar.
2. How to install DSM Parsers
3. How to create custom event properties and parse the raw logs.
4. How to create log source
5. At last we will show you some alerts/offenses as well.
So, stick around till the end if you really want to be a MASTER of SIEM and QRadar.
There is a huge amount of information and training available on the internet that talks about the same topics, and at times you become overwhelmed and can't decide what the right choice is if you want to start your career in a Security Operations Centre and want a role in Incident Response. So I have developed this full series to stay focused on the basic areas someone must be aware of to kick off their SOC journey! Hence I recommend you visit the full list one by one to get a solid idea of SOC beginner-level skills and requirements.
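As an added example (not code from the video, and not QRadar's own tooling), the Python script below walks through the same admin steps in miniature on a few constructed sshd log lines: it wraps each raw line in an RFC 3164 syslog envelope the way a forwarder does before shipping it to the SIEM's collector, applies regexes with a single capture group in the style of custom event properties to pull out username, source IP and outcome, and then runs a small threshold rule over the extracted properties of the kind an offense is built on. The collector host and port (127.0.0.1:514), the property names, the threshold and the sample events are assumptions made for the demo, and the log lines are constructed, not taken from the video's sample log file.

```python
import re
import socket
from datetime import datetime

# Constructed sample events in the style of Linux sshd auth messages (not the video's log file).
SAMPLE_EVENTS = [
    "sshd[2211]: Failed password for invalid user admin from 203.0.113.45 port 51122 ssh2",
    "sshd[2211]: Failed password for root from 203.0.113.45 port 51123 ssh2",
    "sshd[2230]: Accepted password for alice from 198.51.100.7 port 40022 ssh2",
]


def build_syslog_line(msg, hostname="lab-host", facility=4, severity=6, ts=None):
    """Wrap a raw message in an RFC 3164 syslog header: <PRI>TIMESTAMP HOSTNAME MSG.

    PRI is facility * 8 + severity; facility 4 (auth) and severity 6 (info)
    give <38>, which is what a typical Linux auth log forwarder emits.
    """
    ts = ts or datetime.now()
    pri = facility * 8 + severity
    return f"<{pri}>{ts.strftime('%b %d %H:%M:%S')} {hostname} {msg}"


def send_syslog_udp(lines, host="127.0.0.1", port=514):
    """Push already-formatted syslog lines over UDP to a collector (assumed host/port).

    Returns the number of datagrams sent. Localhost is used here so the demo
    runs without a SIEM; point host/port at the lab collector to ship for real.
    """
    sent = 0
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        for line in lines:
            sock.sendto(line.encode("utf-8"), (host, port))
            sent += 1
    return sent


# Custom-event-property style regexes: the value is always capture group 1,
# mirroring how a SIEM property is defined as "regex + capture group".
CUSTOM_PROPERTIES = {
    "username": re.compile(r"password for (?:invalid user )?(\S+) from "),
    "source_ip": re.compile(r" from (\d{1,3}(?:\.\d{1,3}){3}) port "),
    "outcome": re.compile(r"sshd\[\d+\]: (Failed|Accepted) password"),
}


def extract_properties(raw):
    """Apply every custom property regex to one raw (or syslog-wrapped) event."""
    props = {}
    for name, rx in CUSTOM_PROPERTIES.items():
        m = rx.search(raw)
        props[name] = m.group(1) if m else None
    return props


def failed_logins_by_source(raw_lines, threshold=2):
    """Offense-style rule: flag sources with at least `threshold` failed logins."""
    counts = {}
    for line in raw_lines:
        p = extract_properties(line)
        if p["outcome"] == "Failed" and p["source_ip"]:
            counts[p["source_ip"]] = counts.get(p["source_ip"], 0) + 1
    return {ip: n for ip, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    wrapped = [build_syslog_line(e) for e in SAMPLE_EVENTS]
    print(f"sent {send_syslog_udp(wrapped)} syslog datagrams to 127.0.0.1:514")
    for line in wrapped:
        print(extract_properties(line))
    print("offense candidates:", failed_logins_by_source(wrapped))
```

The regexes deliberately anchor on the literal text around the value (" from ", " port ") rather than grabbing any token, which is the same discipline a custom event property needs in the SIEM: a loose pattern that matches the wrong field silently poisons every rule built on top of it, and a property that returns nothing for an event is easier to spot than one that returns the wrong thing.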
-------------------------------------------------------------------------------------------------------------------------
📝
Check out Incident Response Full Training Course👉 https://bit.ly/2OKQaFP
🔗LINKS FOR YOUR REQUIREMENTS-
-------------------------------------------------------------------------------------------------------------------------
👉Fix that we applied at first- https://www.ibm.com/support/pages/nod...
👉QRadar Community Edition- https://www.ibm.com/community/qradar/ce/
👉Log File Samples- https://bit.ly/3gaxVTK
👉DFIR Tools Repo- https://github.com/archanchoudhury/DF...
🔥🔥🔥🔥🔥
Check-out my Free InfoSec Resource Fusion- https://bit.ly/3vOFarG
🔥🔥🔥🔥🔥
WATCH BELOW AS WELL 🔥🔥🔥🔥🔥
-------------------------------------------------------------------------------------------------------------------------
IR Flash 👉 • How to Collect System Logs within 5 minute...
How to write Regex 👉 • RegEx- A Daily Capsule in Cyber Blue Team
Linux Memory Forensics 👉 • Linux Memory Capture and Analysis - Volati...
Check out Malware Investigation Part1👉 • Creation of Malware Analysis and Digital F...
Check out Malware Investigation Part2👉 • Malware Analysis Bootcamp - Introduction T...
BlackPerl Forensics Episodes👉 https://bit.ly/3pgpqsG
Decoding JavaScript codes for Incident Response👉 • Finding and Decoding Malicious Scripts- Di...
Learn Yara Here 👉 • How to Create Yara || Learn from Scratch w...
⌚
Timelines
-------------------------------------------------------------------------------------------------------------------------
0:00 ⏩ Intro
1:13 ⏩ Verify Log Activity Tab
2:54 ⏩ Apply Patch
4:11 ⏩ Ship Syslog Bundle
8:12 ⏩ Push Syslog
11:46 ⏩ Create DSM Parsers
14:57 ⏩ Create Log Source in Console
18:01 ⏩ Create RegEx
20:34 ⏩ Create Offense/Alerts
23:44 ⏩ Summarize & What's NEXT?
📞📲
FOLLOW ME EVERYWHERE-
-------------------------------------------------------------------------------------------------------------------------
✔ LinkedIn: / blackperl
✔ You can reach out to me personally in LinkedIn as well- https://bit.ly/38ze4L5
✔ Twitter: @blackperl_dfir
✔ Insta: (blackperl_dfir) / blackperl_dfir
✔ Can be reached via [email protected]
SUPPORT BLACKPERL
-------------------------------------------------------------------------------------------------------------------------
╔═╦╗╔╦╗╔═╦═╦╦╦╦╗╔═╗
║╚╣║║║╚╣╚╣╔╣╔╣║╚╣═╣
╠╗║╚╝║║╠╗║╚╣║║║║║═╣
╚═╩══╩═╩═╩═╩╝╚╩═╩═╝
➡️ SUBSCRIBE, Share, Like, Comment
☕ Buy me a Coffee 👉 https://www.buymeacoffee.com/BlackPerl
📧 Sponsorship Inquiries: [email protected]
-------------------------------------------------------------------------------------------------------------------------
🙏 Thanks for watching!! Be CyberAware!! 🤞