The ArcSight Logger Search and Reporting training course provides participants with task-focused training to quickly configure and use the Logger’s event search and reporting capabilities.
This course includes hands-on exercises on common functionality and procedures to take advantage of built-in product content as well as custom tailoring techniques to fulfill event search and reporting demands in enterprise security and operations log management environments.
By attending the ArcSight Logger Search and Reporting workshop, participants will learn to:
- Explain and implement event indexing and use the Logger search builder to access field-based, full-text and regex-based event search facilities
- Access and customize search field set display controls and search constraint criteria to refine and tune event search results
- Use the Logger search builder to access unified event search facilities, and save search queries as filters, saved searches, scheduled alerts, or shared or search group filters
- Access reporting resources to use pre-built reports, copy and customize reports, create report dashboards, and manage report groups and categories to control distribution and access to report objects and published information
- Run reports as scheduled jobs, ad hoc, or as a background task, and publish and archive results according to given distribution and retention criteria
Knowledge of:
- Computer desktop, browser, and file system navigation skills
- Basic understanding of TCP/IP networking and database concepts
- Enterprise security experience [highly advantageous]
This course is intended for members of security operations and network operations teams, as well as personnel responsible for auditing and compliance.