Elastic Alerting for Cybersecurity

Elastic Alerting for Cybersecurity

Upcoming Classes

No classes have been scheduled, but you can always Request a Quote.


The best security systems need to cast a wide net, and then know what’s a valid threat and what’s background noise. And they need to do all that without oversight, allowing administrators to focus their time on the valid threats. In this course, you will learn how to use Elastic Stack alerting functionality to hunt down threats based on custom queries and thresholds, and automatically notify users when there’s a problem.
Note: This course is a module of the Security Analytics specialization.


You will explore useful cybersecurity alerts that you can set up in order to enhance your security monitoring capabilities. You will also learn about how to create alerts based on Elastic machine learning anomaly detection. After completing this course, you will be able to use the Elastic Stack to hunt threats more effectively and efficiently.

Topics Covered

  • Introduction to Cybersecurity
  • Introduction to Elastic Stack Alerting
  • Configuring Cybersecurity Alerts
  • Incorporating Machine Learning into Alerting
Download Course Outline


2-3 hours


3 hours


Security Analysts, SOC Managers, Security Practitioners, Information Security Consultants, System Administrators


  • We recommend taking the following foundational courses (or having equivalent knowledge):
  • Familiarity with security log data
  • Basic networking knowledge
  • Basic experience with Elastic machine learning

Setup Requirements

  • Stable internet connection
  • Mac, Linux, or Windows
  • Latest version of Chrome or Firefox (other browsers not supported)
  • Disable any ad blockers and restart your browser before class

Additional Notes

Virtual Classroom Information
This instructor-led course is only taught in a virtual environment. We encourage participants to set up their systems prior to logging into the training environment the first day of the class. We also encourage being logged in 15 minutes prior to the start of class each day.

Training Specializations

This course is a module of the Security Analytics specialization. Find out how our focused Training Specializations can help you with your use case.

General Training Information
Have training questions? Review our FAQ or email us.