Elastic Security Analytics


This instructor-led course is designed for analysts who currently use, or are interested in using, the Elastic Stack for security event collection and analytics.


You will start with an overview of the Elastic Stack, exploring its components and some of the use cases they can serve. The remainder of the course takes an in-depth look at several security-related data sources and how to gain value from them with the Elastic Stack. As you learn about these data sources, we will mix in instruction on the various components of Kibana, including basic discovery, visualizations and dashboards, and advanced components like Graph and machine learning. After completing each module, you will apply what you have learned in a series of hands-on labs. By the end of the training, you will be able to use the Elastic Stack to analyze the data sources from your network and various systems in order to paint a more complete security picture.

Topics Covered
  • Introduction to the Elastic Stack
  • Threat Detection
  • Bro Basics
  • Suricata IDS
  • Windows Host Data
  • Linux Host Data
  • Enriching Host Data
  • Guided Hunt


3 Days


Security analysts who are researching, building, or leveraging search and analytics solutions using the Elastic Stack


No prior knowledge of the Elastic Stack required

Setup Requirements

  • Laptop with Wi-Fi connectivity
  • Mac, Linux, or Windows
  • Latest version of Chrome or Firefox (Safari is not 100% supported)
  • Due to JavaScript requirements, we recommend that you disable any ad-blockers and restart your browser before class.

Additional Notes

Bundle discounts apply when registering for multiple courses. Have training questions? Review our FAQ or email us.

Upcoming Classes

United States

Location | Sep 2018 | Oct 2018 | Nov 2018 | Dec 2018 | Jan 2019 | Feb 2019
Washington, DC Elastic{ON} Tour | | Oct 22 – Oct 24 | | | |

Classes in bold are guaranteed to run!