Module 2 · Part of: Cybersecurity Threat Hunting Lab
Cybersecurity

Module 2: SIEM Setup & Log Analysis with Elastic Stack

Build a SIEM foundation for threat detection.

Elastic Stack Overview

Understand how Elasticsearch, Logstash, and Kibana work together.

Log Ingestion Pipelines

Parse syslog, web server, and auth logs with Logstash filters.

Detection Dashboards

Create Kibana dashboards for failed logins, port scans, and anomalies.

Alerting Rules

Set up Watcher alerts for critical security events.
