Learn how to use log servers to collect network security data.
- As I discussed in previous videos, log servers collect log data from various sources such as firewalls, intrusion detection systems and so on. There's some well-known log server solutions. Syslog-ng is one of them. The log data in syslog-ng can in turn be forwarded to another system like SIEM or an analyzer. For example, IBM Security Curator is a SIEM solution that can receive the syslog-ng messages. In this case, syslog-ng serves as an intermediate log server.
After our discussion of various network security data sources you're now familiar with the nature of the data being generated by them. We're finally ready to get our hands dirty and get into the weeds of what it takes to actually collect log entries from data sources such as IDS, IPS, vulnerability management system, application and operating system. Here we'll use Linux tools to demonstrate how data collection in each data source can be accomplished.
- Identify the goals of network security.
- Distinguish types of firewalls.
- Explain intrusion detection and prevention systems.
- Describe packet capture.
- Collect packet sniffer, IDS, and IPS data.
- Explain how to use machine learning to process network data.
- Use data science to conduct a network forensics investigation.
- Identify data visualization targets and tools.
Skill Level Intermediate
1. Network Security Review
2. Network Data Sources
3. Data Collection
4. Data Analytics
Network forensics (2m 25s)