Collecting, Storing, and Exploiting Data: SIEM with Elasticsearch, Logstash, and Kibana (ELK) (3-068)

Training objective: Acquire the necessary skills to install, configure, and operate the ELK stack (Elasticsearch, Logstash, Kibana) as a SIEM solution, with the aim of collecting, analyzing, and visualizing data from information systems to ensure their security.

• Install and configure the components of the ELK suite (Elasticsearch, Logstash, Kibana) in a SIEM environment.
• Use ELK to index, search, and visualize collected data.
• Set up a centralized architecture for log collection from systems and probes.
• Monitor and analyze data using the new Elastic SIEM solution.