Prerequisites
To apply for the Arcsight Training, you need to either:
- You should have a basic understanding of computer networking concepts like TCP/IP, DNS and firewalls
- You should have a basic understanding of Operating systems like Windows & Linux
- You should have a basic understanding of security concepts like access control, encryption and authentication
- You should also be familiar with at least one programming language like Java, Ruby or Python.
Course Curriculum
Module 1: Introduction to ArcSight
- Overview of ArcSight ESM
- ArcSight ESM Event Schema/Network Model
- Lifecycle of an Event in ArcSight ESM
- ArcSight ESM Workflow
- ESM Reference Resources
Module 2: Introduction to the ArcSight ESM Console Interface
- Using the ESM 5.0 Console
- Using ArcSight Web
Module 3: Viewing ArcSight ESM 5.0 Data
- Using Active Channels
- Using Filters
- Using Variables
- Using Dashboards and Data Monitors
- Using Event Graphs
- Using Custom View Dashboards
Module 4: ArcSight ESM Rules and Lists
- ESM Rules Basics
- Using Lists
- ArcSight ESM Reports and Query Viewers
- ESM Reports Overview
- Building Reports
- ArcSight Query Viewers
Module 5: Building Active Rules
- Building Active Rules
Module 6: ArcSight ESM Network Model
- ArcSight Network and Asset Model
- Network Model Wizard
Module 7: Conclusion:
- Summarizing all the points discussed above.
